/app/controllers/users_controller.php
PHP | 2812 lines | 2118 code | 480 blank | 214 comment | 424 complexity | 7abfd0156b5aa0d4caea3a595afe5acb MD5 | raw file
Possible License(s): LGPL-2.1, AGPL-1.0
- <?php
- class UsersController extends AppController {
- var $name='Users';
- var $components = array('Pagination','Thumbnail','Thumbnailc','Sendmail'); // ,'Cakephpbb' for phpbb componrent - not need
- var $helpers = array('javascript', 'error', 'Pagination','Ajax','Friendsurl');
-
- //this function is used to display the comming soon page
- //delete this function along with LAYOUT = FALASE and VIEW - FALSEINDEX
- function falseindex() {
- $this->layout = 'false';
- }
-
- function index() {
- $this->layout = 'default';
- $this->checkSession();
- }
-
- function sendforgotpassword() {
-
- if(isset($this->data['User']['userForgotName']) && $this->data['User']['userForgotName']!='') {
-
- $forgotuser = "SELECT password,id from users where username='".mysql_escape_string($this->data['User']['userForgotName'])."' ";
- $forgotuser_res = mysql_query($forgotuser);
- if(mysql_num_rows($forgotuser_res)>0) {
- $forgotuser_arr = mysql_fetch_array($forgotuser_res);
- $userDetails=$this->getUserDetails($forgotuser_arr['id']);
-
- $this->set('receiptInfo',$userDetails);
- ####### MAIL TEMPLATE
- $this->Sendmail->Mail();
- $this->Sendmail->From(FROMMAIL);
- $this->Sendmail->To($userDetails['email']);
- //$this->Sendmail->Cc("sanjib@navsoft.in");
-
- $subject="XOIMAGES PASSWORD REQUEST";
- $this->Sendmail->Subject($subject);
- $this->Sendmail->layout='email';
- $this->Sendmail->view='mail_userpassword';
- $this->Sendmail->startup($this);
- $messageBody=$this->Sendmail->bodyText();
- $this->Sendmail->Body($messageBody); // set the body
- $this->Sendmail->Priority(1) ;
- $this->Sendmail->Send();
- $this->set('mailmsg','Your login information has been sent to your email.');
-
- #####
- }
- else {
- $this->set('mailmsg','Username is invalid. Please give A valid Username.');
-
- }
- }
- $this->render('validpasssending', 'ajax');
-
- }
-
-
- ################################################### PHOTOS SECTION #############################
- function indexnew() {
- $this->layout = 'xoindex';
- $this->homepageslideInfo('Home');
- ################################################ Auction Invitation ################
- if(isset($_REQUEST['key'])&& $_REQUEST['key']!='') {
- $this->Session->write('auctKey',$_REQUEST['key']);
- if(isset($_REQUEST['act'])&& $_REQUEST['act']=='auctiondonorsinvite')
- $this->Session->write('auctType',$_REQUEST['act']);
- }
- ############################################ /Auction Invitation ################
- }
-
- function photos() {
- $this->layout = 'userphotoinner_home';
- $this->homepageslideInfo('Photos');
-
- }
-
- function customprofile($savimgpath=null) {
- $this->layout = 'profile_blank';
- $this->set("saveimagepath",$savimgpath);
- }
-
-
- function myalbum() {
- $this->checkSession();
- $this->layout = 'userphotoinner';
- $this->pageTitle = 'My Album';
- }
- function allalbum() {
- $this->layout = 'userphotoinner';
- $this->pageTitle = 'All Album';
-
- $select = " Select Xalbum.id,Xalbum.user_id,Xalbum.album_bg,Xalbum.album_access,Xalbum.album_name,Xuser.username";
-
- $from=" FROM user_albums Xalbum
- LEFT JOIN users Xuser ON Xalbum.user_id = Xuser.id
- LEFT JOIN user_details Xuserdetail ON Xalbum.user_id = Xuserdetail.user_id";
-
- $where="WHERE 1 AND Xalbum.album_access='public'";
- $others=" ";
- $others=" order by Xalbum.id desc";
- $PassParameter='';
- $fltr='';
- $CountField="Xalbum.id";
- $this->set("controller","users");
- $this->set("action","allalbum");
- $this->set("parameter",$PassParameter);
- $this->set("fltr",$fltr);
-
- $this->pagination($select,$from,$where,$others,$CountField,$this->params['url'],$PassParameter);
- if(isset($this->params['url']['Page'])) {
- $this->render("allalbum2","ajax");
- }
- }
-
-
-
- function photolisting() {
- $this->layout = 'userphotoinner';
- if(isset($_REQUEST['listtype']) && $_REQUEST['listtype']!='')
- $catlisttype = $_REQUEST['listtype'];
- else
- $catlisttype = '';
-
-
- ############################### Page Title & Head ############################
-
- $pageheadArr = array();
- $pageheadArr['featured'] = 'Featured';
- $pageheadArr['recent'] = 'Recent';
- $pageheadArr['mostvoted'] = 'Most Voted';
- $pageheadArr['mostcomment'] = 'Most Discussed';
- $pageheadArr['random'] = 'Random';
- $pageheadArr['favorite'] = 'Most Favorited ';
- $pageheadArr['tag'] = 'Tagged ';
- $pageheadArr['search'] = 'Search Result';
- $pageheadArr['mostviewed'] = 'Most Viewed';
- $pageheadArr['albumview'] = 'Album';
-
- if (array_key_exists($catlisttype, $pageheadArr)) {
- if($catlisttype=='albumview') {
- /* Album Name*/
- $albumNameSql = "Select IFNULL(album_name,'') as albumName from user_albums where id='".base64_decode($_REQUEST['albumid'])."'";
- $albumNameSql_res = mysql_fetch_array(mysql_query($albumNameSql));
- $albumName = stripslashes($albumNameSql_res['albumName']) ;
- /**/
- $this->pageTitle = $pageheadArr[$catlisttype]. $albumName.' Photos';
- $this->set('pagehead',$pageheadArr[$catlisttype].' : '. $albumName. ' Photos');
-
- }
- else {
- if($catlisttype=='tag') {
- $this->pageTitle = $pageheadArr[$catlisttype].' Photos : '. substr($_REQUEST['sortby'],0,20);
- $this->set('pagehead',$pageheadArr[$catlisttype].' Photos : '.substr($_REQUEST['sortby'],0,20));
- }
- else {
- $this->pageTitle = $pageheadArr[$catlisttype].' Photos';
- $this->set('pagehead',$pageheadArr[$catlisttype].' Photos');
- }
- }
- }
- else {
- $this->pageTitle = 'Photos';
- $this->set('pagehead','Photos');
-
- }
- ############################### Page Title & Head ############################
-
-
-
- /* Pagination and PHOTO listing */
- $select = " Select X.id,X.user_id,X.pic_original_name,X.pic_title,X.pic_desc,Xuser.username ,COUNT(Xcomment.id) as photoreview , Xuserdetail.user_profile_img , IFNULL(ROUND(AVG(Xrating.vote),0),0) as photorat,Xalbum.album_name ,Xalbum.id as albumid ,COUNT(Xfavorite.id) as photofavored ,X.is_featured , X.creation";
-
- $from=" FROM user_photo_albums X
- LEFT JOIN user_albums Xalbum ON X.user_album_id = Xalbum.id
- LEFT JOIN comments Xcomment ON X.id = Xcomment.user_photo_albums_id
- LEFT JOIN users Xuser ON X.user_id = Xuser.id
- LEFT JOIN user_details Xuserdetail ON X.user_id = Xuserdetail.user_id
- LEFT JOIN user_voting_images Xrating ON X.id = Xrating.image_id
- LEFT JOIN user_favorite_photo Xfavorite ON X.id=Xfavorite.favorite_photo_id ";
-
- $where="WHERE 1 AND X.is_blocked='0' AND X.is_temp='0' AND Xalbum.album_access='public'";
-
- if($catlisttype=='featured')
- $where.=" AND X.is_featured='1' ";
- if( $catlisttype=='albumview' && isset($_REQUEST['albumid']) && base64_decode($_REQUEST['albumid'])>0)
- $where.=" AND X.user_album_id='".base64_decode($_REQUEST['albumid'])."' ";
- if($catlisttype=='tag')
- $where.=" AND X.id IN (Select user_photo_album_id from user_photo_albums_tags where tagname Like '%".$_REQUEST['sortby']."%')";
- if($catlisttype=='search')
- $where.=" AND X.pic_title LIKE '%".$_REQUEST['srchtxt']."%' OR X.id IN (Select user_photo_album_id from user_photo_albums_tags where tagname Like '%".$_REQUEST['srchtxt']."%') ";
-
-
- $others=" group by X.id order by X.id desc ";
-
- if($catlisttype=='mostvoted')
- $others .=" ,photorat desc ";
-
- if($catlisttype=='mostcomment')
- $others .=" ,photoreview desc ";
-
- if($catlisttype=='mostviewed')
- $others .=" ,X.viewed desc ";
- if($catlisttype=='random')
- $others .=" , rand()";
-
- if($catlisttype=='favorite')
- $others .=" ,photofavored desc ";
-
- if($catlisttype=='recent')
- $others.=" ";
-
-
- if(isset($_REQUEST['sortby']) && $_REQUEST['sortby']!='')
- $PassParameter="listtype=".$catlisttype."&sortby=".$_REQUEST['sortby'];
- else {
- if(isset($catlisttype) && $catlisttype=='albumview')
- $PassParameter="listtype=".$catlisttype."&albumid=".$_REQUEST['albumid'];
- else {
- if(isset($_REQUEST['srchtxt']) && $_REQUEST['srchtxt']!='')
- $PassParameter="listtype=".$catlisttype."&srchtxt=".$_REQUEST['srchtxt'];
- else
- $PassParameter="listtype=".$catlisttype;
- }
- }
-
-
-
- $fltr='';
- $CountField="X.id";
- $this->set("controller","users");
- $this->set("action","photolisting");
- $this->set("parameter",$PassParameter);
- $this->set("fltr",$fltr);
-
- $this->pagination($select,$from,$where,$others,$CountField,$this->params['url'],$PassParameter);
- if(isset($this->params['url']['Page']) || (isset($fltr) && $fltr!="") ) {
- $this->set('pagehead','Most Recent');
- $this->render("photolisting2","ajax");
- }
-
- /**/
- }
-
- function featuredphoto($catlisttype=null) {
-
- $this->layout = 'profile_blank';
- /* Pagination and PHOTO listing */
- $select = " Select X.id,X.user_id,X.pic_original_name,X.pic_title,X.pic_desc,Xuser.username ,COUNT(Xcomment.id) as photoreview , Xuserdetail.user_profile_img , IFNULL(ROUND(AVG(Xrating.vote),0),0) as photorat,Xalbum.album_name ,Xalbum.id as albumid ,COUNT(Xfavorite.id) as photofavored ,X.is_featured,X.creation ";
-
- $from=" FROM user_photo_albums X
- LEFT JOIN user_albums Xalbum ON X.user_album_id = Xalbum.id
- LEFT JOIN comments Xcomment ON X.id = Xcomment.user_photo_albums_id
- LEFT JOIN users Xuser ON X.user_id = Xuser.id
- LEFT JOIN user_details Xuserdetail ON X.user_id = Xuserdetail.user_id
- LEFT JOIN user_voting_images Xrating ON X.id = Xrating.image_id
- LEFT JOIN user_favorite_photo Xfavorite ON X.id=Xfavorite.favorite_photo_id ";
-
- $where="WHERE 1 AND X.is_blocked='0' AND X.is_temp='0' AND Xalbum.album_access='public'";
-
- $moreUrl = $this->webroot.'users/photolisting?listtype=recent';
-
- if($catlisttype=='featured') {
- $where.=" AND X.is_featured='1' ";
- $moreUrl = $this->webroot.'users/photolisting?listtype=featured';
- }
-
- $others=" group by X.id ";
-
- if($catlisttype=='mostvoted') {
- $others .=" order by photorat desc ";
- $moreUrl = $this->webroot.'users/photolisting?listtype=mostvoted';
-
- }
-
- if($catlisttype=='')
- $others.=" order by X.id desc";
-
- $photoquery = mysql_query($select .$from .$where.$others .' LIMIT 12');
- $this->set('query',$photoquery) ;
- $this->set('morelink',$moreUrl) ;
-
- }
-
-
-
- function pagination($select,$from,$where,$others,$CountField,$arg,$PassParameter) {
- if(isset($arg['Page']))
- $pageFlag=$arg['Page'];
- $this->set("PassParameter",$PassParameter);
- $SetUserNumberOfVpsPerPage=SHOW_REC; /* Defined in config->paths.php*/
-
- $this->set("BackgroundClass",'pagination');
- $this->set("SelectedPage",'pagination_over');
- $this->set("Linkpage",'pagination_over');
- $this->set("FirstImage",'fdd.gif');
- $this->set("PreviousImage",'previous.gif');
- $this->set("NextImage",'next.gif');
- $this->set("LastImage",'rewd.gif');
-
- $UserNumberOfVpsPerPage=SHOW_REC; /* Defined in config->paths.php*/
- if(!is_numeric($UserNumberOfVpsPerPage)|| (intval($UserNumberOfVpsPerPage)!=$UserNumberOfVpsPerPage)||($UserNumberOfVpsPerPage<=0))
- $UserNumberOfVpsPerPage = $SetUserNumberOfVpsPerPage;
-
- if(!isset($arg['Page'])) $arg['Page']=1;
- if(!isset($arg['Offset'])) $arg['Offset']=0;
- ///echo "$select $from $where $others" ;
- $Query_ForNumber_Records=mysql_query("$select $from $where $others") or die('Line no 120' . mysql_error());
- //$Result_Query_ForNumber_Records=mysql_fetch_object($Query_ForNumber_Records);
-
- //$NoOfVps=$Result_Query_ForNumber_Records->NoOfVps;
- $NoOfVps=mysql_num_rows($Query_ForNumber_Records);
-
- $NumberOfVpsPerPage=$UserNumberOfVpsPerPage;
- $NoOfPages=ceil($NoOfVps/$NumberOfVpsPerPage); //3
- if($arg['Offset']==$NoOfVps) {
- if(isset($Offset)) {
- $Offset=$Offset-$NumberOfVpsPerPage;
- $Page--;
- if($Offset<0) {
- $Offset=0;
- $Page=1;
- }
- }else {
- $Offset=0;
- $Page=1;
- }
- }
-
- $this->set("Page",$arg['Page']);
- $this->set("Offset",$arg['Offset']);
- $this->set("NumberOfVpsPerPage",$NumberOfVpsPerPage);
- $this->set("NoOfPages",$NoOfPages);
- $this->set("UserNumberOfVpsPerPage",$UserNumberOfVpsPerPage);
-
- //print "$select $from $where $others";
- $this->set("qryOthr","$select $from $where");
- //echo "$select $from $where $others LIMIT ".$arg['Offset'].",$NumberOfVpsPerPage";
-
- $SelectRecord = mysql_query("$select $from $where $others LIMIT ".$arg['Offset'].",$NumberOfVpsPerPage") or die('Line no '.__LINE__ . mysql_error());
- $this->set("query",$SelectRecord);
-
- }
-
- ################################################### PHOTOS SECTION #############################
- function aboutus() {
- $this->layout = 'default';
- ########### data from table ######
- $contectsql = "Select description from site_managements where id='1'";
- $contectsql_res = mysql_query($contectsql);
- $contectsql_arr = mysql_fetch_array($contectsql_res);
- $this->set('content',$contectsql_arr['description']);
- ######
- }
- function contactus($windowType=null) {
- $this->layout = 'default';
- ########### data from table ######
- $contectsql = "Select description from site_managements where id='2'";
- $contectsql_res = mysql_query($contectsql);
- $contectsql_arr = mysql_fetch_array($contectsql_res);
- $this->set('content',$contectsql_arr['description']);
- if($windowType)
- $this->set('windowcontent',$windowType);
- else
- $this->set('windowcontent','feedback');
-
- ######
- }
- function contactusajax($pageaction=null) {
- echo $pageaction;
- $this->set('pagecontentText',$pageaction);
- $this->render('contactusajax', 'ajax');
-
- }
- function terms() {
- $this->layout = 'default';
- ########### data from table ######
- $contectsql = "Select description from site_managements where id='3'";
- $contectsql_res = mysql_query($contectsql);
- $contectsql_arr = mysql_fetch_array($contectsql_res);
- $this->set('content',$contectsql_arr['description']);
- ######
- }
- function privacy() {
- $this->layout = 'default';
- ########### data from table ######
- $contectsql = "Select description from site_managements where id='4'";
- $contectsql_res = mysql_query($contectsql);
- $contectsql_arr = mysql_fetch_array($contectsql_res);
- $this->set('content',$contectsql_arr['description']);
- ######
- }
- function disclaimer() {
- $this->layout = 'default';
- ########### data from table ######
- $contectsql = "Select description from site_managements where id='5'";
- $contectsql_res = mysql_query($contectsql);
- $contectsql_arr = mysql_fetch_array($contectsql_res);
- $this->set('content',$contectsql_arr['description']);
- ######
- }
- function parents() {
- $this->layout = 'default';
- ########### data from table ######
- $contectsql = "Select description from site_managements where id='7'";
- $contectsql_res = mysql_query($contectsql);
- $contectsql_arr = mysql_fetch_array($contectsql_res);
- $this->set('content',$contectsql_arr['description']);
- ######
- }
-
- function home() {
- $this->layout = 'default';
- $this->pageTitle = 'Home';
- $this->pageTitle = 'User Login';
- if(isset($_SESSION['UserId']) && $_SESSION['UserId']!="") {
- $tempid = time();
- $tempsessid = session_id();
- $this->set('loggedUid',base64_encode($_SESSION['UserId']));
- $this->set('loggedId',$tempid);
- $this->set('loggedsid',$tempsessid);
-
- }
- }
- function login() {
- $this->layout = 'default';
- $this->pageTitle = 'User Login';
- if(!empty($this->data)) {
- $this->data['User']['username']=trim($this->data['User']['userLoginName']);
- $this->data['User']['password']=base64_encode(trim($this->data['User']['userLoginPass']));
- $someone = $this->User->findByUsername($this->data['User']['username']);
- $hRef = $_SERVER['HTTP_REFERER'];
- $this->Session->write('href', $hRef);
- if(!empty($someone['User']['password']) && $someone['User']['password'] == $this->data['User']['password'] && $someone['User']['user_status']==1) {
- if($someone['User']['user_status']==1) {
- $this->Session->write('User', $someone['User']['username']);
- $this->Session->write('UserId', $someone['User']['id']);
- $this->Session->write('GrpId', $someone['User']['user_group_master_id']);
-
-
- ########################## AUCTION INVITATION OPERATION #######
- if(isset($_SESSION['auctKey']))
- $this->auctInviteoperation() ;
- ############################# /AUCTION INVITATION OPERATION #######
-
- if(isset($_REQUEST['act_event']) && $_REQUEST['act_event'] != "") {
- $link = 'calendars/acceptinvitation?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evtid'].'&invitation='.$_REQUEST['invitation'];
- $this->redirect($link);
- }
- else if(isset($_REQUEST['act']) && $_REQUEST['act'] == "activityinvite") {
- $link = 'calendars/showactivity?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evtid'].'&invitation='.base64_decode($_REQUEST['invitation']);
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "sharecal") {
- $qry = "insert into calendar_import values(".base64_decode($_REQUEST['calid']).", ".$someone['User']['id'].", 'y')";
- $res = mysql_query($qry);
- $link = 'users/user_home?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.base64_encode(1);
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "eventinvite") {
- $link = 'calendars/acceptinvitation?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evidVal'].'&invitation='.$_REQUEST['invitationVal'];
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "activityinvite") {
- $link = 'calendars/showactivity?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evidVal'].'&invitation='.$_REQUEST['invitationVal'];
- $this->redirect($link);
- }
- else {
- $this->flash('The username with id: '.$this->data['User']['username'].' has been submitted.', '/users');
- $link = 'users/user_home?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.base64_encode(1);
- $this->redirect($link);
- }
- }
- else {
- $msg = "Invalid Login";
- $this->redirect('/users/signup?msg=error');
- }
- }
- else {
- $msg = "Invalid Login";
- $this->redirect('/users/signup?msg=error');
- }
-
- }
- }
-
- function headerlogin() {
- $this->layout = 'default';
- $this->pageTitle = 'User Login';
- if(!empty($this->data)) {
- $this->data['User']['username']=trim($this->data['User']['headerLoginName']);
- $this->data['User']['password']=base64_encode(trim($this->data['User']['headerLoginPass']));
- $someone = $this->User->findByUsername($this->data['User']['username']);//"http://adserver:8088/xoimage-115-07/Nnew/"
- $hRef = $_SERVER['HTTP_REFERER'];
- $this->Session->write('href', $hRef);
- if(!empty($someone['User']['password']) && $someone['User']['password'] == $this->data['User']['password'] && $someone['User']['user_status']==1) {
-
- if($someone['User']['user_status']==1) {
- mysql_query("DELETE FROM xoevent_cart WHERE xoevent_pay_status='0' AND user_id='".$someone['User']['id']."' AND xoevent_sessionid!='".session_id()."'") or die(mysql_error());
- $_REQUEST['actVal'];
- $this->Session->write('User', $someone['User']['username']);
- $this->Session->write('UserId', $someone['User']['id']);
- $this->Session->write('GrpId', $someone['User']['user_group_master_id']);
-
-
- ##################### FORUM SESSION START
- /* $ch = curl_init();
- $scriptUrl = DOMAIN. 'phpbbcakelogin.php?userName='.$this->data['User']['username'].'&password='.$this->data['User']['password'];
- curl_setopt($ch, CURLOPT_URL, $scriptUrl);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- $output =curl_exec($ch);
- curl_close($ch);
- echo $output ;/**/
- //$this->Cakephpbb->phpbbuserlogged($this->data['User']['username'],$this->data['User']['password']);*/
- ##################### FORUM SESSION START
-
-
- if($someone['User']['user_group_master_id']==2) {
- //echo "group id : 2";
- $_SESSION['pubSchool']='p';
- $_SESSION['is_public']=1;
- $_SESSION['categoryTab']=2;
- }
-
- if($someone['User']['user_group_master_id']==3) {
- //echo "group id : 3";
- $_SESSION['pubSchool']='s';
- $_SESSION['is_public']=2;
- $_SESSION['categoryTab']=3;
- }
-
-
- ########################## AUCTION INVITATION OPERATION #######
- if(isset($_SESSION['auctKey']))
- $this->auctInviteoperation() ;
- ############################# /AUCTION INVITATION OPERATION #######
-
- if(isset($_REQUEST['act']) && $_REQUEST['act'] == "activityinvite") {
- $link = 'calendars/showactivity?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evtid'].'&invitation='.base64_decode($_REQUEST['invitation']);
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "sharecal") {
- $qry = "insert into calendar_import values(".base64_decode($_REQUEST['calid']).", ".$someone['User']['id'].", 'y')";
- $res = mysql_query($qry);
- $link = 'users/user_home?id='.time().'&uid='.base64_encode($someone['User']['id']);
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "eventinvite") {
- $link = 'calendars/acceptinvitation?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evidVal'].'&invitation='.$_REQUEST['invitationVal'];
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "activityinvite") {
- $link = 'calendars/showactivity?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evidVal'].'&invitation='.$_REQUEST['invitationVal'];
- $this->redirect($link);
- }
- else {
- $this->flash('The username with id: '.$this->data['User']['username'].' has been submitted.', '/users');
- $link = 'users/user_home?id='.time().'&uid='.base64_encode($someone['User']['id']);
- $this->redirect($link);
- }
- }
-
- }
- else {
- $msg = "Invalid Login";
- $this->redirect('/?msg=headererror');
- }
-
- }
-
- }
-
- ############## FOR POPUPLOGIN ######
- function checkpopuplogin() {
- if(!empty($this->data)) {
- $this->data['User']['username']=trim($this->data['User']['headerLoginName']);
- $this->data['User']['password']=base64_encode(trim($this->data['User']['headerLoginPass']));
- $someone = $this->User->findByUsername($this->data['User']['username']);//"http://adserver:8088/xoimage-115-07/Nnew/"
- if(!empty($someone['User']['password']) && $someone['User']['password'] == $this->data['User']['password']) {
-
- if($someone['User']['user_status']==1) {
- mysql_query("DELETE FROM xoevent_cart WHERE xoevent_pay_status='0' AND user_id='".$someone['User']['id']."' AND xoevent_sessionid!='".session_id()."'") or die(mysql_error());
- $this->Session->write('User', $someone['User']['username']);
- $this->Session->write('UserId', $someone['User']['id']);
- $this->Session->write('GrpId', $someone['User']['user_group_master_id']);
-
- if($someone['User']['user_group_master_id']==2) {
- $_SESSION['pubSchool']='p';
- $_SESSION['is_public']=1;
- $_SESSION['categoryTab']=2;
- }
-
- if($someone['User']['user_group_master_id']==3) {
- $_SESSION['pubSchool']='s';
- $_SESSION['is_public']=2;
- $_SESSION['categoryTab']=3;
- }
-
- $link = 'users/user_home?id='.time().'&uid='.base64_encode($someone['User']['id']);
- $this->set("validated",0); ///right Info
- $this->set('userHome',$link);
- }
-
- }
- else {
- $this->set("validated",1); /// Error Info
- }
-
- }
- $this->render('validpopuplogin', 'ajax');
- }
- ############## FOR POPUPLOGIN ######
-
-
-
-
-
- function auctInviteoperation() {
- $this->checkSession();
- if(isset($_SESSION['auctKey'])) {
- $updatesql = "UPDATE auctxon_donors_invite SET is_respond='1' , registered_invitee_userid='".$_SESSION['UserId']."' where is_respond='0' and hash_key='".$_SESSION['auctKey']."' ";
- @mysql_query($updatesql);
- }
-
-
-
-
-
-
-
- }
-
- function signup() {
- if(isset($_SESSION['UserId'])) {
- $this->redirect('/?id=1');
- }
- $group=base64_decode($_REQUEST['gr']);
- $this->set('group',$group);
- ################################################ Auction Invitation ################
- if(isset($_REQUEST['key'])&& $_REQUEST['key']!='') {
- $this->Session->write('auctKey',$_REQUEST['key']);
- if(isset($_REQUEST['act'])&& $_REQUEST['act']=='auctiondonorsinvite')
- $this->Session->write('auctType',$_REQUEST['act']);
- }
- ############################################ /Auction Invitation ################
-
- $this->layout = 'user_signup';
- $this->pageTitle = 'Xoimage Sign-up';
- if (!empty($this->data)) {
-
- if(isset($_REQUEST['userType']) && $_REQUEST['userType']!="") {
- $this->data['User']['user_group_master_id'] = $_REQUEST['userType'];
- //die();
- }
- $this->data['User']['user_status'] = 1;
- $this->data['User']['password'] = base64_encode($this->data['User']['password']);
- if ($this->User->save($this->data)) {
- $id = mysql_insert_id();
- $fname = addslashes(strtolower($this->data['User']['first_name']));
- $lname = addslashes(strtolower($this->data['User']['last_name']));
- $email = $this->data['User']['email'];
-
-
- $user_name = trim($this->data['User']['username']) ;
- $pass=base64_encode(trim($this->data['User']['password']));
-
- ################ FORUM INTEGRATION
- $pass=$this->data['User']['password'];
- $email_hash=crc32($email);
- $sql1="INSERT INTO phpbb_users (username, username_clean, user_password, user_pass_convert, user_email, user_email_hash, group_id, user_type, user_permissions, user_timezone, user_dateformat, user_lang, user_style, user_allow_pm, user_actkey, user_ip, user_regdate, user_passchg, user_options, user_inactive_reason, user_inactive_time, user_lastmark, user_lastvisit, user_lastpost_time, user_lastpage, user_posts, user_dst, user_colour, user_occ, user_interests, user_avatar, user_avatar_type, user_avatar_width, user_avatar_height, user_new_privmsg, user_unread_privmsg, user_last_privmsg, user_message_rules, user_full_folder, user_emailtime, user_notify, user_notify_pm, user_notify_type, user_allow_viewonline, user_allow_viewemail, user_allow_massemail, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_form_salt) VALUES ('$user_name', '$user_name', '$pass', 0, '$email', '$email_hash', 2, 0, '', 0, 'D M d, Y g:i a', 'en', '1', 1, '', '0.0.0.0', 1202106072, 1202106072, 895, 0, 0, 1202106072, 0, 0, '', 0, '0', '', '', '', '', 0, 0, 0, 0, 0, 0, 0, -3, 0, 0, 1, 0, 1, 1, 1, '', '', '', '39390ba638fe9a78')";
- //echo $sql1;
- @mysql_query($sql1);
-
- $new_query_group="select MAX(user_id) AS USERID FROM phpbb_users";
- $new_result_group=mysql_query($new_query_group);
- $new_data_group=mysql_fetch_array($new_result_group);
- $new_user_id=$new_data_group['USERID'];
- //echo $new_user_id;
- $new_query_insert="INSERT INTO phpbb_user_group (group_id,user_id,group_leader,user_pending) VALUES ('2','$new_user_id','0','0')";
- @mysql_query($new_query_insert);
- ################ FORUM INTEGRATION
-
- if(isset($_REQUEST['userFrndId'])) {
- $group = $_REQUEST['userType'];
- $frnd_id = base64_decode($_REQUEST['userFrndId']);
- $noOfFrndUsr = mysql_num_rows(mysql_query("select * from user_friends where user_id=".$id));
- $noFrnd = mysql_num_rows(mysql_query("select * from user_friends where user_id=".$frnd_id));
- $frnd_qry = mysql_query("INSERT INTO `user_friends` ( `id` , `user_id`,`friend_id`, `status` )VALUES ('',".$id.",".$frnd_id.",".($noOfFrndUsr+1).")") ;
- $frnd_qry = mysql_query("INSERT INTO `user_friends` ( `id` , `user_id`,`friend_id`, `status` )VALUES ('',".$frnd_id.",".$id.",".($noFrnd+1).")") ;
- }
- else
- $group = $this->data['User']['group_id'];
-
- $dob = $_REQUEST['year']."-".$_REQUEST['mon']."-".$_REQUEST['dob'];
- $gender=$_REQUEST['sex'];
- $city=$_REQUEST['city'];
- $state=$_REQUEST['province'];
- $country=$_REQUEST['country'];
-
-
-
-
- $qry = "INSERT INTO `user_details` ( `id` , `user_id`, `first_name`, `last_name`, `email`, `dob`,gender,city,state,c_id)VALUES ('',".$id.",'".$fname."','".$lname."','".$email."', '".$dob."','".$gender."','".$city."','".$state."','".$country."')" ;
- if($res = mysql_query($qry)) {
- $this->Session->write('User', $this->data['User']['username']);
- $this->Session->write('UserId', $id);
- $this->Session->write('GrpId', $this->data['User']['user_group_master_id']);
-
- //$this->flash('User has been saved.','/users');
-
- ########################## AUCTION INVITATION OPERATION #######
- if(isset($_SESSION['auctKey']))
- $this->auctInviteoperation() ;
- ############################# /AUCTION INVITATION OPERATION #######
-
- $this->sendVerifyemail();
-
- $this->redirect('/users/congratulations?id='.time().'&uid='.base64_encode($id).'&sessid='.session_id());
- }
- else {
- $id = mysql_insert_id();
- $this->Session->write('User', $this->data['User']['username']);
- $this->Session->write('UserId', $id);
-
-
- }
- if(isset($_REQUEST['act_event']) && $_REQUEST['act_event'] != "") {
- //echo $_REQUEST['act_event'].", ".$_REQUEST['evtid'].", ".$_REQUEST['invitation'];
- $link = 'calendars/acceptinvitation?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evtid'].'&invitation='.$_REQUEST['invitation'];
- $this->redirect($link);
- }
- else if(isset($_REQUEST['act']) && $_REQUEST['act'] == "activityinvite") {
- $link = 'calendars/showactivity?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evtid'].'&invitation='.$_REQUEST['invitation'];
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "sharecal") {
- $checkCalIm = mysql_num_rows(mysql_query("select * from calendar_import where importer_id=".$someone['User']['id']." and import_cal_id=".base64_decode($_REQUEST['calid'])));
- if($checkCalIm<1) {
- $qry = "insert into calendar_import values(".base64_decode($_REQUEST['calid']).", ".$someone['User']['id'].", 'y')";
- $res = mysql_query($qry);
- }
- $link = 'users/user_home?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.base64_encode(1);
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "eventinvite") {
- $link = 'calendars/acceptinvitation?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evidVal'].'&invitation='.$_REQUEST['invitationVal'];
- $this->redirect($link);
- }
- else if(isset($_REQUEST['actVal']) && $_REQUEST['actVal'] == "activityinvite") {
- $link = 'calendars/showactivity?id='.time().'&uid='.base64_encode($someone['User']['id']).'&sessid='.'&evid='.$_REQUEST['evidVal'].'&invitation='.$_REQUEST['invitationVal'];
- $this->redirect($link);
- }
- else {
- //$this->sendVerifyemail();
- $this->flash('The username with id: '.$this->data['User']['username'].' has been submitted.', '/users');
- $this->redirect('/users/congratulations?id='.time().'&uid='.base64_encode($id).'&sessid='.session_id());
- }
- }
- }
-
-
- $currentuser = array('topleft'=>'event-photo-tab-top-left.gif','topmiddle'=>'eventphoto-tab_topmidsml','topright'=>'event-photo-tab-top-right.gif','midleft'=>'eventphoto-tab_leftmid','midbgcolur'=>'fafeff','midright'=>'eventphoto-tab_rightmid','bottomleft'=>'event-photo-tab-bottom-left.gif','bottommid'=>'eventphoto-tab_botmid','bottomright'=>'event-photo-tab-bottom-right.gif') ;
- if(isset($_REQUEST['gr']) && base64_decode($_REQUEST['gr'])==2)
- $currentuser = array('topleft'=>'sponsor-tab-top-left.gif','topmiddle'=>'sponsor-tab_topmidsml','topright'=>'sponsor-tab-top-right.gif','midleft'=>'sponsor-tab_leftmid','midbgcolur'=>'fff6f6','midright'=>'sponsor-tab_rightmid','bottomleft'=>'sponsor-tab-bottom-left.gif','bottommid'=>'sponsor-tab_botmid','bottomright'=>'sponsor-tab-bottom-right.gif') ;
-
- if(isset($_REQUEST['gr']) && base64_decode($_REQUEST['gr'])==3)
- $currentuser = array('topleft'=>'tickets-tab-top-left.gif','topmiddle'=>'ticket-tab_topmidsml','topright'=>'tickets-tab-top-right.gif','midleft'=>'ticket-tab_leftmid','midbgcolur'=>'fdfff4','midright'=>'ticket-tab_rightmid','bottomleft'=>'tickets-tab-bottom-left.gif','bottommid'=>'ticket-tab_botmid','bottomright'=>'tickets-tab-bottom-right.gif') ;
-
- $this->set('currentStyle', $currentuser);
-
-
- }
- ################################## USERS PROFILE PAGE #####################
-
- function myprofile($userid=null) {
- $this->pageTitle = 'Profile';
- $this->layout = 'default';
- $this->checkSession();
-
- $userid = $_REQUEST['uid'];
- if($userid)
- $uid = base64_decode($userid);
- else
- $uid = $_SESSION['UserId'];
-
-
- $this->set('userprofileId',$uid) ;
- $this->data = $this->User->UserDetails->findByUserId($uid);
- $this->set('profiledetail',$this->data);
-
- }
-
- function social() {
- $this->layout = 'profile_blank';
- }
- function professional() {
- $this->layout = 'profile_blank';
- }
- function personalinfo() {
- $this->layout = 'profile_blank';
- }
- ###########################################################################
-
-
-
- function user_home() {
-
- $this->pageTitle = 'User Home';
- //$this->checkSession();
- $this->layout = 'userprofilevisit';
-
- $this->userProfileLeftPanel();
-
- $profilehomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($this->profileUserIdforQry)."&sessid=".session_id()."";
- $this->set('profilehomelink',$profilehomelink);
-
-
-
- //$someone = $this->User->findById($_SESSION['UserId']);
-
- ##################### Insert the recored for profile allingment #########
- if(isset($_SESSION['UserId'])) {
-
- $liitem=array('firstlist_1','firstlist_2','firstlist_3','firstlist_4','firstlist_5','firstlist_8','firstlist_9');
- $liitem2=array('secondlist_1','secondlist_2','secondlist_3','secondlist_4','secondlist_5','secondlist_6');
- if($_SESSION['GrpId']==2) /// Photographer
- array_push($liitem,'firstlist_6');
- if($_SESSION['GrpId']==3) /// Organisation
- array_push($liitem,'firstlist_7');
-
- $stleftpos=1;
- $strightpos=1;
- $maxLeftposition = "SELECT MAX(boxorder) as leftpos from profilemap where userid='".$_SESSION['UserId']."' and position='left'" ;
- $maxLeftposition_res = mysql_query($maxLeftposition);
- if(mysql_num_rows($maxLeftposition_res)>0) {
- $maxLeftposition_arr =mysql_fetch_array($maxLeftposition_res);
- $stleftpos = $maxLeftposition_arr['leftpos'];
- }
-
- $maxLeftposition = "SELECT MAX(boxorder) as rightpos from profilemap where userid='".$_SESSION['UserId']."' and position='right'" ;
- $maxLeftposition_res = mysql_query($maxLeftposition);
- if(mysql_num_rows($maxLeftposition_res)>0) {
- $maxLeftposition_arr =mysql_fetch_array($maxLeftposition_res);
- $strightpos = $maxLeftposition_arr['rightpos'];
- }
-
-
-
-
- foreach($liitem as $liitem_item=>$liitem_value) {
- $profilesql = "SELECT * from profilemap where boxname='".$liitem_value."' and userid='".$_SESSION['UserId']."'";
- $profilesql_res = mysql_query($profilesql);
- if(mysql_num_rows($profilesql_res)==0) {
- $stleftpos++;
- $insertleftinfo = "INSERT INTO profilemap SET boxname='".$liitem_value."' ,userid='".$_SESSION['UserId']."',display='block',position='left',boxorder='".$stleftpos."',boxid='".$stleftpos."' ";
- mysql_query($insertleftinfo);
- }
- }
-
- foreach($liitem2 as $liitem_item=>$liitem_value) {
- $profilesql = "SELECT * from profilemap where boxname='".$liitem_value."' and userid='".$_SESSION['UserId']."'";
- $profilesql_res = mysql_query($profilesql);
- if(mysql_num_rows($profilesql_res)==0) {
- $strightpos++;
- $insertleftinfo = "INSERT INTO profilemap SET boxname='".$liitem_value."' ,userid='".$_SESSION['UserId']."',display='block',position='right',boxorder='".$strightpos."',boxid='".$strightpos."' ";
- mysql_query($insertleftinfo);
- }
- }
-
- ##################### Insert the recored for profile allingment #########
- }
- if(isset($_REQUEST['uid'])) {
- $uid = base64_decode($_REQUEST['uid']);
- $mail = mysql_query("select * from emails where user_id=".$uid." and inbox_status='unread'");
- if($mail) {
- $mailQry = mysql_num_rows($mail);
- $this->set('mails', $mailQry);
- }
- if(empty($this->data)) {
- $this->data = $this->User->UserDetails->read(null, $uid);
- $this->set('user_det',$this->data);
- }
- }
- else {
- $this->redirect('../index');
- }
-
- $this->createStuffArray();
- $this->getMyComments($this->PROFILE_USER_ID);
-
- }
-
-
-
-
- function postcomment() {
- mysql_query("INSERT INTO user_comments(user_id,friend_id,comment) VALUES('".$this->params['form']['profileid']."','".$_SESSION['UserId']."','".mysql_escape_string($this->params['form']['comment'])."')");
- $this->getMyComments($this->params['form']['profileid']);
- $this->render("usercomment","ajax");
- }
-
- function congratulations() {
- $this->checkSession(1);
- $this->pageTitle = 'Invite Friend';
- $this->layout = 'userloggedin';
- $someone = $this->User->findById($_SESSION['UserId']);
- $this->set('firstname',$someone['UserDetails']['first_name']);
- $this->set('lasttname',$someone['UserDetails']['last_name']);
- /*if(empty($this->data))
- {
- $this->data = $this->User->read(null, $id);
- $this->set('data',$this->data);
- }*/
-
-
-
-
-
-
-
-
-
-
- }
-
- /**/
-
- /* function loading()
- {
- }
- */ function logout() {
- //$this->layout = 'default';
- //$this->session->delete('Admin');
- //$this->session->delete('Admin_id');
- unset($_SESSION);
- $this->Session->destroy();
- $this->Session->destroy('User');
- $this->Session->destroy('UserId');
- $this->redirect('/');
- /*if(session_destroy())
- $this->redirect('users/home');
- else
- $this->flash('session destruction unsuccessfull.','/users/home');*/
- }
- function forgotPass() {
- $this->layout = 'default';
- echo $_REQUEST['msg'];
- $this->set('data',$_REQUEST['msg']);
- }
- function forgotPassword() {
- /*$this->layout = 'default';
- echo $_REQUEST['msg'];
- $this->set('data',$_REQUEST['msg']);*/
-
- $this->render('forgotpassview', 'ajax');
-
-
- }
-
-
- function my_photo() {
- $this->checkSession();
- $this->layout = 'userloggedin';
- $this->pageTitle = 'My Photo';
- }
- /*function myphoto_top_old()
- {
- $this->checkSession();
- $this->layout = 'userloggedin';
- $this->pageTitle = 'My Friend Top';
- }
- */
- function sendinvite() {
- $this->checkSession();
- $this->layout = 'userloggedin';
- $someone = $this->User->findById($_SESSION['UserId']);
- $this->set('invitedGrp',$someone['User']['user_group_master_id']);
- $this->set('inviterId',$someone['User']['id']);
-
- $FriendInviteUrl = "http://www.xoimages.com/users/signup?id=".time()."&gr=".base64_encode($someone['User']['user_group_master_id'])."&sessid=".session_id()."&task=invite&taskbyId=".base64_encode($someone['User']['id'])."";
-
- $this->set('inviteMailUrl','<a href="'.$FriendInviteUrl.'">Click Here</a>');
-
-
- }
- ####################### TESTING##########
- function userprofile() {
- $this->checkSession();
- $this->layout = 'usertestprofile';
- $this->pageTitle = 'Edit Profile';
- $uid = $_SESSION['UserId'];
-
- ########################################### BASIC INFO #####################
-
- if(empty($this->data) || !empty($_SESSION['User'])) {
- if(isset($_REQUEST['pg']) && $_REQUEST['pg'] == "con") {
- $someone = $this->User->findById($uid);
- $this->Session->write('User', $someone['User']['username']);
- $this->Session->write('UserId', $someone['User']['id']);
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- else {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- ########################################### BASIC INFO #####################
- }
-
- //Get Users payment Details
- $paymentInfo=$this->getPaymentMethodsUsers($_SESSION['UserId']);
-
- if(isset($paymentInfo['paypal_email']) && $paymentInfo['paypal_email']!='') {
- $this->set('paypalemailinfo' , $paymentInfo['paypal_email']) ;
- }
- if(isset($paymentInfo['gcheckout_email']) && $paymentInfo['gcheckout_email']!='') {
- $strgcheckout = $paymentInfo['gcheckout_email'] ;
- if(stristr($strgcheckout, 'break')) {
- $strgcheckoutexp = explode('break',$strgcheckout);
- $this->set('merchantId' , $strgcheckoutexp[0]) ;
- $this->set('merchantkey' , $strgcheckoutexp[1]) ;
- }
- if($strgcheckout!='')
- $this->set('gcheckoutinfo' , $paymentInfo['gcheckout_email']) ;
- }
- }
- function setpaypal() {
- $this->render("setpaypal","ajax");
- }
-
- function saveprofilebasic() {
- $this->checkSession();
-
-
- $this->set("postData",$this->params);
- $userInfo = $this->User->read(null,$_SESSION["UserId"]);
- $this->data['UserDetails']['id'] = $userInfo['UserDetails']['id'];
- $this->data['UserDetails']['user_id'] = $_SESSION['UserId'];
- $this->data['UserDetails']['first_name'] = addslashes($this->data['UserDetails']['first_name']);
- $this->data['UserDetails']['last_name'] = addslashes($this->data['UserDetails']['last_name']);
- $this->data['UserDetails']['gender'] = $_REQUEST['sex'];
- $this->data['UserDetails']['city'] = $_REQUEST['city'];
- $this->data['UserDetails']['state'] = $_REQUEST['province'];
- $this->data['UserDetails']['c_id'] = $_REQUEST['country'];
- $this->data['UserDetails']['dob'] = $_REQUEST['dob_Year'] .'-'.$_REQUEST['dob_Month'] .'-'.$_REQUEST['dob_Day'] ;
- $this->data['UserDetails']['mobile_phone'] = $this->data['UserDetails']['mobile_phone'];
- $this->data['UserDetails']['land_phone'] = $this->data['UserDetails']['land_phone'];
- $this->data['UserDetails']['address'] = $this->data['UserDetails']['address'];
- $this->data['UserDetails']['state'] = $_REQUEST['province'];
- $this->data['UserDetails']['city'] = $_REQUEST['city'];
- $this->data['UserDetails']['zip'] = $this->data['UserDetails']['zip'];
-
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = 'users/userprofile?basicsave=1#basic';
- }
- else
- $link = 'users/userprofile#basic';
-
- $this->redirect($link);
- }
- function saveschool() {
- $this->checkSession();
- $this->set("postData",$this->params);
- $userInfo = $this->User->read(null,$_SESSION["UserId"]);
- $this->data['UserDetails']['id'] = $userInfo['UserDetails']['id'];
- $this->data['UserDetails']['user_id'] = $_SESSION['UserId'];
- $this->data['UserDetails']['school_id'] =$this->data['UserDetails']['school_id'];
- $this->data['UserDetails']['grade_level'] =$this->data['UserDetails']['grade_level'];
- $this->data['UserDetails']['student_year_from'] =$_REQUEST['student_year_from'];
- $this->data['UserDetails']['student_year_to'] =$_REQUEST['student_year_to'];
-
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = 'users/userprofile?schoolsave=1#school';
- }
- else
- $link = 'users/userprofile#school';
-
- $this->redirect($link);
- }
- function savepersonal() {
- $this->checkSession();
- $this->set("postData",$this->params);
- $userInfo = $this->User->read(null,$_SESSION["UserId"]);
- $this->data['UserDetails']['id'] = $userInfo['UserDetails']['id'];
- $this->data['UserDetails']['user_id'] = $_SESSION['UserId'];
-
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = 'users/userprofile?personalsave=1#personal';
- }
- else
- $link = 'users/userprofile#personal';
-
- $this->redirect($link);
-
- }
- function savework() {
- $this->checkSession();
- $this->set("postData",$this->params);
- $userInfo = $this->User->read(null,$_SESSION["UserId"]);
- $this->data['UserDetails']['id'] = $userInfo['UserDetails']['id'];
- $this->data['UserDetails']['user_id'] = $_SESSION['UserId'];
- $this->data['UserDetails']['user_time'] = $_REQUEST['emp_mon'].'-'.$_REQUEST['emp_year'];
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = 'users/userprofile?worksave=1#work';
- }
- else
- $link = 'users/userprofile#work';
-
- $this->redirect($link);
- }
- function savenewpassword() {
- $this->checkSession();
- $id = $_SESSION['UserId'];
- if (empty($this->data)) {
- $this->data = $this->User->findById($id);
- }
- else {
-
- $this->User->id = $this->Session->read('UserId');
- $uid = $this->User->findById($this->User->id);
- if(base64_encode($this->data['User']['old_password'])!= $uid['User']['password']) {
- $this->redirect("users/userprofile?save=2&msg=Your old Password field didn't match#password");
- }
- else {
- if($this->data['User']['new_password'] != $this->data['User']['confirm_password'] ) {
- $this->redirect('users/userprofile?save=2&msg=New password and Confirm password field do not match#password');
- }
- else {
- $this->data['User']['password'] = base64_encode($this->data['User']['new_password']);
- $this->data['User']['id'] = $this->User->id;
- if($this->User->save($this->data)) {
- $updatesql = "UPDATE phpbb_users SET user_pass_convert='".$this->data['User']['password']."' WHERE username='".$uid['User']['username']."'";
- @mysql_query($sql1);
- $this->redirect('users/userprofile?passwordsave=1#password');
- }
- }
- }
-
- }
-
-
- }
-
- function savecompanyinfo() {
- $this->checkSession();
- $this->set("postData",$this->params);
- $userInfo = $this->User->read(null,$_SESSION["UserId"]);
- $this->data['UserDetails']['id'] = $userInfo['UserDetails']['id'];
- $this->data['UserDetails']['user_id'] = $_SESSION['UserId'];
- $this->data['UserDetails']['company_description'] = strip_html_tags($this->data['UserDetails']['company_description']);
- $this->data['UserDetails']['comp_name'] = strip_html_tags($this->data['UserDetails']['org_name']);
- ################### Company logo image ###############
- if(isset($_FILES['logoimage']['name']) && $_FILES['logoimage']['name']!='') {
- $fileName=time().$_FILES['logoimage']['name'];
- $broucherfile = $fileName ;
- $destination = "../app/webroot/company_logo/".$fileName;
- $result=move_uploaded_file($_FILES['logoimage']['tmp_name'],$destination);
- $this->data['UserDetails']['company_logo'] = $fileName;
- }
-
- #####################################################
-
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = 'users/userprofile?companysave=1#company';
- }
- else
- $link = 'users/userprofile#company';
-
- $this->redirect($link);
-
- }
- function deletecompanyimage() {
- $updatesql = "UPDATE user_details SET company_logo='' where user_id='".$_SESSION['UserId']."'";
- mysql_query($updatesql);
-
- $link = 'users/userprofile#company';
- $this->redirect($link);
- }
-
- ########################################
-
- function profile() {
- $this->checkSession();
- ############################### INTRODUCE THE NEW PROFILE PAGE ##################
-
- $this->redirect('users/userprofile');
-
- #############################
-
-
- //$this->layout = 'userloggedin';
- $this->layout = 'userloggedin_profile';
- $_SESSION['PARAM'] = '47897897897897225286';
- //$this->checkSession();
- $this->pageTitle = 'User Profile';
- if(isset($_REQUEST['uid']))
- $uid = base64_decode($_REQUEST['uid']);
- if(empty($this->data) || !empty($_SESSION['User'])) {
- //echo "test";exit();
- if(isset($_REQUEST['pg']) && $_REQUEST['pg'] == "con") {
- //echo "test1";exit();
- $someone = $this->User->findById($uid);
- $this->Session->write('User', $someone['User']['username']);
- $this->Session->write('UserId', $someone['User']['id']);
- //$this->data['UserDetails']['id'] = $this->data['User']['userId'];
- //$this->data['UserDetails']['user_id'] = base64_decode($_REQUEST['uid']);
- //if ($this->User->UserDetails->save($this->data))
- //{
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- //}
- }
- else {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
-
- }
- else if(!empty($this->data)) {
- //pr($this->data);exit();
- $this->data['UserDetails']['id'] = $this->data['User']['userId'];
- $this->data['UserDetails']['user_id'] = base64_decode($_REQUEST['uid']);
- $this->data['UserDetails']['first_name'] = addslashes($this->data['UserDetails']['first_name']);
- $this->data['UserDetails']['last_name'] = addslashes($this->data['UserDetails']['last_name']);
- $this->data['UserDetails']['gender'] = $_REQUEST['sex'];
- $this->data['UserDetails']['city'] = $_REQUEST['city'];
- $this->data['UserDetails']['state'] = $_REQUEST['province'];
- $this->data['UserDetails']['c_id'] = $_REQUEST['country'];
-
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = '/users/profile?id='.time().'&uid='.base64_encode($this->data['User']['userId']).'&sessid='.base64_encode(1).'&act=edit';
- $this->redirect($link);
- }
- }
- }
-
-
-
- function school() {
- $this->checkSession();
- $this->layout = 'profile_blank';
- $this->pageTitle = 'User School';
- if(isset($_REQUEST['uid']))
- $uid = base64_decode($_REQUEST['uid']);
- if(empty($this->data) || $_REQUEST['act'] == "edit") {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- else if($_REQUEST['act'] != "edit") {
- $this->data['UserDetails']['id'] = $this->data['User']['userId'];
- $this->data['UserDetails']['user_id'] = base64_decode($_REQUEST['uid']);
- //pr($this->data);exit();
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = '/users/school?id='.time().'&uid='.base64_encode($this->data['User']['userId']).'&sessid='.base64_encode(1).'&act=edit';
- $this->redirect($link);
- }
- }
- }
- function work() {
- $this->checkSession();
- $this->layout = 'profile_blank';
- $this->pageTitle = 'User Work';
- if(isset($_REQUEST['uid']))
- $uid = base64_decode($_REQUEST['uid']);
- if(empty($this->data) || $_REQUEST['act'] == "edit") {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- else if($_REQUEST['act'] != "edit") {
- $this->data['UserDetails']['id'] = $this->data['User']['userId'];
- $this->data['UserDetails']['user_id'] = base64_decode($_REQUEST['uid']);
- $this->data['UserDetails']['user_time'] = $_REQUEST['emp_mon']."-".$_REQUEST['emp_year'];
- //pr($this->data);exit();
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = '/users/work?id='.time().'&uid='.base64_encode($this->data['User']['userId']).'&sessid='.base64_encode(1).'&act=edit';
- $this->redirect($link);
- }
- }
- }
- function personal() {
- $this->checkSession();
- $this->layout = 'profile_blank';
- $this->pageTitle = 'User Personal';
- if(isset($_REQUEST['uid']))
- $uid = base64_decode($_REQUEST['uid']);
- if(empty($this->data) || $_REQUEST['act'] == "edit") {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- else if($_REQUEST['act'] != "edit") {
- $this->data['UserDetails']['id'] = $this->data['User']['userId'];
- $this->data['UserDetails']['user_id'] = base64_decode($_REQUEST['uid']);
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = '/users/profile?id='.time().'&uid='.base64_encode($this->data['User']['userId']).'&sessid='.base64_encode(1).'&act=edit';
- $this->redirect($link);
- }
- }
- }
- function projects() {
- $this->checkSession();
- $this->layout = 'profile_blank';
- $this->pageTitle = 'User Projects';
- if(isset($_REQUEST['uid']))
- $uid = base64_decode($_REQUEST['uid']);
- if(empty($this->data) || $_REQUEST['act'] == "edit") {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- else if($_REQUEST['act'] != "edit") {
- $this->data['UserDetails']['id'] = $this->data['User']['userId'];
- $this->data['UserDetails']['user_id'] = base64_decode($_REQUEST['uid']);
- if ($this->User->UserDetails->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = '/users/profile?id='.time().'&uid='.base64_encode($this->data['User']['userId']).'&sessid='.base64_encode(1).'&act=edit';
- $this->redirect($link);
- }
- }
- }
- function change_pwd() {
- $this->checkSession();
- $this->layout = 'profile_blank';
- $this->pageTitle = 'User Change Pwd';
- if(isset($_REQUEST['uid']))
- $uid = base64_decode($_REQUEST['uid']);
- if(empty($this->data) || $_REQUEST['act'] == "edit") {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- else {
- $this->data['User']['id'] = base64_decode($_REQUEST['uid']);
- if ($this->User->save($this->data)) {
- $this->flash('Your post has been Updated.','/users');
- $link = '/users/signup?id='.time().'&uid='.base64_encode($this->data['User']['userId']).'&sessid='.base64_encode(1);
- $this->redirect($link);
- }
- else
- $this->flash('Not updated.','/users/signup');
- }
- }
- function custom_profile() {
- $this->checkSession();
- $this->layout = 'profile_blank';
- $this->pageTitle = 'User Customize Profile';
- if(isset($_REQUEST['uid']))
- $uid = base64_decode($_REQUEST['uid']);
- if(empty($this->data) || $_REQUEST['act'] == "edit") {
- $this->data = $this->User->read(null, $uid);
- $this->set('data',$this->data);
- }
- //$this->set('profilePath', $_SERVER['REQUEST_URI']);
- }
-
- function myaccount() {
- $this->checkSession();
- $this->layout = 'user_signup';
- $this->pageTitle = 'My Account';
-
- if(isset($_SESSION['UserId']))
- $userhomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- else
- $userhomelink='javascript:history.back()';
- $profilehomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($this->profileUserIdforQry)."&sessid=".session_id()."";
-
- $this->set('userhomelink',$userhomelink);
- $this->set('profilehomelink',$profilehomelink);
-
- ####################################################### USER RELATED INFORMATOION
- $userInformation = "SELECT CONCAT_WS(' ',user_details.first_name,user_details.last_name) as fullname , user_details.email ,users.user_group_master_id ,(SELECT DATE_FORMAT(users.user_join_date,GET_FORMAT(DATE,'USA'))) as sinceJOIN ,user_details.comp_name,
- user_payment_setup.paypal_email , user_payment_setup.gcheckout_email
- FROM user_details
- LEFT JOIN users on(user_details.user_id = users.id)
- LEFT JOIN user_payment_setup on (user_details.user_id=user_payment_setup.user_id)
- where user_details.user_id='".$_SESSION['UserId']."'";
-
- $userInformation_res = mysql_query($userInformation);
- $userInformation_arr = mysql_fetch_array($userInformation_res);
-
- $this->set('profilename',ucfirst($userInformation_arr['fullname']));
- $this->set('profileemail',$userInformation_arr['email']);
- $this->set('profilegroupid',$userInformation_arr['user_group_master_id']);
- $this->set('profilejoin',$userInformation_arr['sinceJOIN']);
- $this->set('profilpaypalemail',$userInformation_arr['paypal_email']);
- $gprofileid = explode('break',$userInformation_arr['gcheckout_email']);
- if(isset($gprofileid['0']))
- $this->set('profilGmerchantID',$gprofileid['0']);
- if(isset($gprofileid['1']))
- $this->set('profilGmerchantKey',$gprofileid['1']);
-
- $this->set('profilbusiness',ucfirst($userInformation_arr['comp_name']));
-
- //Get the payment details
- $getTotalPayment="
- SELECT sum(amount * if(DrCr = '+1',1,-1)) totalPaymentAmount, amount, DrCr
- FROM xouser_transaction_details
- WHERE user_id = '".$_SESSION['UserId']."'
- GROUP BY user_id";
-
- $queryGetTotalPayment=mysql_fetch_assoc(mysql_query($getTotalPayment));
- $this->set("totalPaymentAmount",$queryGetTotalPayment['totalPaymentAmount']);
- ####################################################### USER RELATED INFORMATOION
-
-
-
- ############################ Related activity ####################################
- $accountrelatedsql = "SELECT IF (xotrandetail.DrCr = '+1', 'From', 'To') AS tranfromto,IF (xotrandetail.payment_to =1, 'admin', users.username) AS tranName, (SELECT DATE_FORMAT( xotran.transaction_date, GET_FORMAT( DATE, 'USA' ) )) AS trandate, xotrandetail.id, xotrandetail.amount AS tranfee,
- xotrandetail.amount as tranAmount , xotran.transaction_head ,IF(xotrandetail.DrCr = '+1',1,-1) AS sumoperation
- FROM xouser_transaction_details xotrandetail
- LEFT JOIN users ON ( xotrandetail.payment_to = users.id )
- LEFT JOIN xouser_transactions xotran ON ( xotrandetail.xouser_transaction_id = xotran.id )
- WHERE xotrandetail.user_id='".$_SESSION['UserId']."'
- order By xotrandetail.id desc
- LIMIT 10
- " ;
-
- $accountrelatedsql_res = mysql_query($accountrelatedsql);
- $accountrelatedsql_num = mysql_num_rows($accountrelatedsql_res);
- $this->set('Numrelatedquery',$accountrelatedsql_num);
- $relatedarr = array();
- while($accountrelatedsql_array=mysql_fetch_array($accountrelatedsql_res)) {
- $relatedarr[] = array('id'=>$accountrelatedsql_array['id'] , 'tranfromto'=>$accountrelatedsql_array['tranfromto'] ,'tranName'=>$accountrelatedsql_array['tranName'] ,'trandate'=>$accountrelatedsql_array['trandate'],'tranfee'=>$accountrelatedsql_array['tranfee'],'tranAmount'=>$accountrelatedsql_array['tranAmount'],'sumoperation'=>$accountrelatedsql_array['sumoperation']);
- }
- $this->set('relatedInfo',$relatedarr);
- ############################ Related activity ####################################
- }
- function myaccounthistory() {
- $this->checkSession();
- $this->layout = 'user_signup';
-
- ####################################################### USER RELATED INFORMATOION
- $userInformation = "SELECT CONCAT_WS(' ',user_details.first_name,user_details.last_name) as fullname , user_details.email ,users.user_group_master_id ,(SELECT DATE_FORMAT(users.user_join_date,GET_FORMAT(DATE,'USA'))) as sinceJOIN ,user_details.comp_name,
- user_payment_setup.paypal_email , user_payment_setup.gcheckout_email
- FROM user_details
- LEFT JOIN users on(user_details.user_id = users.id)
- LEFT JOIN user_payment_setup on (user_details.user_id=user_payment_setup.user_id)
- where user_details.user_id='".$_SESSION['UserId']."'";
-
- $userInformation_res = mysql_query($userInformation);
- $userInformation_arr = mysql_fetch_array($userInformation_res);
-
- $this->set('profilename',ucfirst($userInformation_arr['fullname']));
- $this->set('profileemail',$userInformation_arr['email']);
- $this->set('profilegroupid',$userInformation_arr['user_group_master_id']);
- $this->set('profilejoin',$userInformation_arr['sinceJOIN']);
- $this->set('profilpaypalemail',$userInformation_arr['paypal_email']);
- $gprofileid = explode('break',$userInformation_arr['gcheckout_email']);
- if(isset($gprofileid['0']))
- $this->set('profilGmerchantID',$gprofileid['0']);
- if(isset($gprofileid['1']))
- $this->set('profilGmerchantKey',$gprofileid['1']);
-
- $this->set('profilbusiness',ucfirst($userInformation_arr['comp_name']));
-
- // total_commission
- $sql=" SELECT sum(commission) AS total_commission
- FROM payment_transactions
- WHERE seller_id='".$_SESSION['UserId']."' AND pay_status='1' ";
-
- $result=mysql_fetch_assoc(mysql_query($sql));
- $total_commission = $result['total_commission'];
- // total_commission_received
- $sql=" SELECT sum(total_amount) AS total_commission_received
- FROM payment_transactions
- WHERE receiver_id='".$_SESSION['UserId']."' AND pay_status='1' AND type_id='2' ";//type='2':paid commision
-
- $result=mysql_fetch_assoc(mysql_query($sql));
- $total_commission_received = $result['total_commission_received'];
-
- $this->set("total_commission_unreceived",$total_commission-$total_commission_received);
-
- //get creative commission minimum
- $config = $this->getConfigAmount('creative commission minimum');
- $this->set('commission_minimum',$config['config_value']);
- ####################################################### USER RELATED INFORMATOION
-
-
- $pagehead='My Account';
- $urlshow='full';
-
- if(isset($_REQUEST['show']) && $_REQUEST['show']=='sent') {
- $pagehead = 'Payment Sent';
- $urlshow='sent';
- $extradd = " AND PM.user_id='".$_SESSION['UserId']."' ";
- }else if(isset($_REQUEST['show']) && $_REQUEST['show']=='received') {
- $pagehead = 'Payments received';
- $urlshow='received';
- $extradd = " AND (PM.receiver_id='".$_SESSION['UserId']."' OR PM.seller_id='".$_SESSION['UserId']."' ) ";
- }else{//full
- $pagehead = 'All Account Activity';
- $extradd = " AND (PM.user_id='".$_SESSION['UserId']."' OR PM.receiver_id='".$_SESSION['UserId']."' OR PM.seller_id='".$_SESSION['UserId']."' ) ";
- }
-
- $this->pageTitle = $pagehead;
- $this->set('pageHead',$pagehead);
- $this->set('pageType',$urlshow);
- $this->set('userId',$_SESSION['UserId']);
-
- $userhomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- $profilehomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($this->profileUserIdforQry)."&sessid=".session_id()."";
-
- $this->set('userhomelink',$userhomelink);
- $this->set('profilehomelink',$profilehomelink);
- $this->set('urlpayout',PAYMENT_REQUEST_PAYOUT_URL.'/'.$_SESSION['UserId'].'/'.md5(PAYMENT_KEY));
-
- $select = "SELECT PM.*,
- IF (PM.user_id='".$_SESSION['UserId']."', 'To', 'From') AS tranfromto,
- IF (PM.user_id =1, 'admin', US1.username) AS payer,
- IF (PM.receiver_id =1, 'admin', US2.username) AS receiver,
- IF (PM.seller_id =1, 'admin', US3.username) AS seller,
- IF (PM.user_id='".$_SESSION['UserId']."', 0.00, PM.commission) AS commission
- ";
- $from = "FROM payment_transactions as PM
- LEFT JOIN users US1 ON ( PM.user_id = US1.id )
- LEFT JOIN users US2 ON ( PM.receiver_id = US2.id )
- LEFT JOIN users US3 ON ( PM.seller_id = US3.id ) ";
-
- $where = "WHERE PM.pay_status='1' ".$extradd;
-
- ################# SEARCH CRITERIA ########
- if(isset($_REQUEST['serachtype']) && $_REQUEST['serachtype']=='within') {
- $withinType=$this->data['User']['within'];
- $week=date("Y-m-d G:i:s",mktime(date("G"),date("i"),date("s"),date("m"),(date("d")-7),date("Y")));
- $month=date("Y-m-d G:i:s",mktime(date("G"),date("i"),date("s"),(date("m")-1),date("d"),date("Y")));
- $year=date("Y-m-d G:i:s",mktime(date("G"),date("i"),date("s"),date("m"),date("d"),(date("Y")-1)));
- $date=date("Y-m-d G:i:s");
-
- if($this->data['User']['within']=="past") {
- $curDate=$date;
- $this->set("curDate",$curDate);
- }
-
- if($this->data['User']['within']=="week") {
- $past=$week;
- $curDate=$date;
- $this->set("past",$past);
- $this->set("curDate",$curDate);
- }
-
- if($this->data['User']['within']=="month") {
- $past=$month;
- $curDate=$date;
- $this->set("past",$past);
- $this->set("curDate",$curDate);
- }
-
- if($this->data['User']['within']=="year") {
- $past=$year;
- $curDate=$date;
- $this->set("past",$past);
- $this->set("curDate",$curDate);
- }
-
- }
- if(isset($_REQUEST['serachtype']) && $_REQUEST['serachtype']=='daterange') {
- $this->set("past");
- $past=0;
- $curDate=0;
- $this->set("curDate");
- $fromDate=$_REQUEST['frmyear']."-".$_REQUEST['frmmonth']."-".$_REQUEST['frmday'];
- $len=strlen($fromDate);
- if($len==10) {
- $dateF=date("Y-m-d",strtotime($fromDate));
- $past=$dateF;
- $this->set("past",$past);
-
- }
- else {
- $this->set("dateErr","Date format should be : mm/dd/yyyy");
- }
-
- $toDate=$_REQUEST['toyear']."-".$_REQUEST['tomonth']."-".$_REQUEST['todate'];
-
- $len=strlen($toDate);
- if($len==10) {
- $dateT=date("Y-m-d",strtotime($toDate));
- $curDate=$dateT;
- $this->set("curDate",$curDate);
- }
- else {
- $this->set("dateErr","Date format should be : mm/dd/yyyy");
- }
- }
-
- if(isset($this->params['url']['cdate']))
- $curDate=$this->params['url']['cdate'];
-
- if(isset($this->params['url']['past']))
- $past=$this->params['url']['past'];
-
-
- if(isset($_REQUEST['serachtype'])) {
- if(isset($withinType) && $withinType=="past")
- $where.=" AND PM.created < '".$curDate."'";
- else
- $where.=" AND PM.created BETWEEN '".$past."' AND '".$curDate."'";
- }
-
- if(isset($fDate) && $fDate!=0 && isset($tDate) && $tDate!=0)
- $where.=" AND PM.created BETWEEN '".$fDate."' AND '".$tDate."'";
-
- if(isset($_REQUEST['invoice']) && $_REQUEST['invoice']!=''){
- $where.=" AND PM.invoice LIKE '%".$_REQUEST['invoice']."%' ";
- }
-
- ##########################################
-
- //echo $select.$from.$where;
-
- $others=" ORDER BY PM.created DESC";
-
- $PassParameter="show=".$urlshow ;
-
- if(isset($curDate))
- $PassParameter.="&cdate=".$curDate."&";
- if(isset($past))
- $PassParameter.="&past=".$past."&";
- if(isset($fDate))
- $PassParameter.="&fd=".$fDate."&";
- if(isset($tDate))
- $PassParameter.="&td=".$tDate."&";
- if(isset($_REQUEST['invoice']))
- $PassParameter .= "&invoice=".$_REQUEST['invoice'];
-
-
- if(isset($this->params['url']['serachtype']) || isset($_REQUEST['serachtype']))
- $PassParameter.="&serachtype=".$radio."&";
-
- $fltr='';
- $CountField="PM.id";
- $this->set("controller","users");
- $this->set("action","myaccounthistory");
- $this->set("parameter",$PassParameter);
- $this->set("fltr",$fltr);
-
- //echo $select.$from.$where.$others ;
- $this->pagination($select,$from,$where,$others,$CountField,$this->params['url'],$PassParameter);
-
- $this->set("paymentMethods",$this->getPaymentMethods(1));
- if(isset($this->params['url']['Page']) || (isset($fltr) && $fltr!="") || isset($_REQUEST['serachtype']) || isset($_REQUEST['invoice'])) {
- $this->set('pagehead',$pagehead);
- $this->render("myaccounthistory2","ajax");
- }
- }
-
- //This is a common myPayment section
- function mypayment() {
- $this->redirect('/users/myaccounthistory');
-
-
- $this->checkSession();
- $this->layout = 'user_signup';
- $this->pageTitle = 'My payment';
-
- if(isset($_SESSION['UserId']))
- $userhomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- else
- $userhomelink='javascript:history.back()';
- $profilehomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($this->profileUserIdforQry)."&sessid=".session_id()."";
-
- $this->set('userhomelink',$userhomelink);
- $this->set('profilehomelink',$profilehomelink);
-
- //Get the payment details
- $this->set("paymentMethods",$this->getPaymentMethods(1));
- $select="SELECT XT. * , XTD. * ";
-
- $from=" FROM xouser_transactions XT, xouser_transaction_details XTD ";
-
-
- $where=" WHERE XT.id = XTD.xouser_transaction_id AND XTD.user_id = '".$_SESSION['UserId']."' ";
-
- $others=" ORDER BY XT.transaction_date desc,XTD.id desc";
-
- $PassParameter="";
-
- $CountField="XT.id";
- $this->set("controller","users");
- $this->set("action","mypayment");
- $this->pagination($select,$from,$where,$others,$CountField,$this->params['url'],$PassParameter);
-
- $getTotalPayment="SELECT SUM( amount ) totalPaymentAmount
- FROM xouser_transaction_details
- WHERE xouser_transaction_id NOT
- IN (
-
- SELECT xouser_transaction_id
- FROM xouser_transaction_details
- WHERE DrCr = '+1'
- AND user_id = '".$_SESSION['UserId']."'
- )
- AND DrCr = '-1'
- AND user_id = '".$_SESSION['UserId']."'";
-
- $queryGetTotalPayment=mysql_fetch_assoc(mysql_query($getTotalPayment));
- $this->set("totalPaymentAmount",$queryGetTotalPayment['totalPaymentAmount']);
-
- if(isset($this->params['url']['Page'])) {
- $this->render("mypayment2","ajax");
- }
-
-
- }
-
- function myfriend_top() {
- $this->checkSession();
- $this->layout = 'user_friends_start';
- $this->pageTitle = 'My Friend Top';
- $this->set('userId', $_SESSION['UserId']);
- $this->set('idUrl', base64_decode($_REQUEST['uid']));
- if(isset($_REQUEST['txtFrndid']) <> "") {
- $top_order_no = $_REQUEST['cboTopfriend'];
- if(isset($_REQUEST['page']) == "" || isset($_REQUEST['page']) == 1) {
- $arry_frndid = explode("|",$_REQUEST['txtFrndid']);
- $friendid_arr = str_replace("|",",",$_REQUEST['txtFrndid'] );
- }
- $j=0;
- $frnd_id = explode(",",$_REQUEST['frnd_id']);
- $frnd_order = explode("|",$_REQUEST['frndid_order']);
- for($i=0;$i<count($arry_frndid);$i++) {
- $j = $j+1;
- $query_update = "UPDATE user_friends SET friend_order=".$j." WHERE user_id=".$_REQUEST['id']." AND friend_id=".$frnd_id[$frnd_order[$i]];
- mysql_query($query_update)or die("Database Error: ".mysql_errno()." ".mysql_error());
- }
- }
-
- else {
- $fr_qry = "select * from user_friends where user_id= ". $_SESSION['UserId'] ." ORDER BY friend_order ASC ";
- $SelectRecord=mysql_query($fr_qry);
- $rows = mysql_num_rows($SelectRecord);
- $this->set('friends_number', mysql_num_rows($SelectRecord));
- $arr = mysql_fetch_array($SelectRecord);
- $this->set('arr', $arr);
- }
- $pending_sql_num = mysql_num_rows(mysql_query("Select * From user_friend_requests Where invite_from = ".$_SESSION['UserId']." and invite_status ='pending'"));
- $receive_sql_num = mysql_num_rows(mysql_query("Select * From user_friend_requests Where invite_to = ".$_SESSION['UserId']." and invite_status ='pending'"));
-
- if($pending_sql_num==0)
- $show_pending = "";
- else
- $show_pending = " (".$pending_sql_num.")";
-
- if($receive_sql_num==0)
- $show_receive = "";
- else
- $show_receive = " (".$receive_sql_num.")";
-
-
- $this->set('Noofpending', $show_pending);
- $this->set('Noofreceive', $show_receive);
- }
-
-
- function profilefriend() /// This function is used in the profile page
- {
- //$this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = $this->profileNameforTitle."'s Friend ";
-
- $fr_qry = "select * from user_friends where user_id= ". $this->profileUserIdforQry ." ORDER BY friend_order ASC ";
- $SelectRecord=mysql_query($fr_qry);
- $rows = mysql_num_rows($SelectRecord);
- $this->set('friends_number', mysql_num_rows($SelectRecord));
- $this->set('SelectRecord', $SelectRecord);
-
- ############################### Back Url ##############
- if(isset($_SESSION['UserId']))
- $userhomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- else
- $userhomelink='javascript:history.back()';
- $profilehomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($this->profileUserIdforQry)."&sessid=".session_id()."";
-
- $this->set('userhomelink',$userhomelink);
- $this->set('profilehomelink',$profilehomelink);
- }
- function profileinfo() {
- //$this->checkSession();
- $this->layout = 'user_signup';
- $this->userProfileLeftPanel();
- $this->pageTitle = $this->profileNameforTitle."'s Profile";
- ############################### Back Url ##############
- if(isset($_SESSION['UserId'])) {
- $userhomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- }
- else
- $userhomelink ='javascript:history.back()';
-
- $profilehomelink = $this->webroot."users/profileinfo?uid=".base64_encode($this->profileUserIdforQry);
- $this->set('userhomelink',$userhomelink);
- $this->set('profilehomelink',$profilehomelink);
-
- ############LOCATION INFO #####
- $locationstr = "select IFNULL(countries.country_name,'not set') as country ,IFNULL(state.Name,'not set') as state ,IFNULL(city_master.city_name,'not set') as city , users.user_group_master_id ,users.username from user_details
-
- LEFT JOIN countries ON user_details.c_id=countries.id
- LEFT JOIN state ON user_details.state=state.id
- LEFT JOIN city_master ON user_details.city=city_master.city_id
- LEFT JOIN users ON user_details.user_id=users.id
- where user_details.user_id='".$this->profileUserIdforQry."'";
-
- $locationstr_res =mysql_query($locationstr);
- $locationstr_arr = mysql_fetch_array($locationstr_res);
-
- $location='';
- if($locationstr_arr['city']!='' && $locationstr_arr['city']!='not set')
- $location .= $locationstr_arr['city'] . ', ';
-
- if($locationstr_arr['state']!='' &&$locationstr_arr['state']!='not set')
- $location .= $locationstr_arr['state'] . ', ';
-
- if($locationstr_arr['country']!='' &&$locationstr_arr['country']!='not set')
- $location .= $locationstr_arr['country'] . ', ';
-
-
- if($location!='')
- $this->set('profilelocation',substr($location,0,strlen($location)-2));
- else
- $this->set('profilelocation','not set');
-
- $this->set('profilelocation','not set');
-
- if($locationstr_arr['user_group_master_id']>1) {
- $this->set('profileUrlforInfo','http://www.'.strtolower($locationstr_arr['username']).'.xoimages.com');
- }
-
- ################################
-
-
-
-
-
- /* ####### CHECK FOR FRIEND STATUS ###########
- $friendstatus = "select * from user_friends where user_id='".$_SESSION['UserId']."' and friend_id='".$this->profileUserIdforQry."'";
- $friendstatus_res = mysql_query($friendstatus);
- $this->set('friendNum',mysql_num_rows($friendstatus_res));
- ################################################
-
- ####### CHECK FOR FAVORITE STATUS ###########
- $friendstatus = "select * from user_favorite_friends where user_id='".$_SESSION['UserId']."' and favorite_user_id='".$this->profileUserIdforQry."'";
- $friendstatus_res = mysql_query($friendstatus);
- $this->set('friendRequestNum',mysql_num_rows($friendstatus_res));
- ################################################
- */
- $profileDetails = "Select user_details.* from user_details where user_details.user_id='".$this->profileUserIdforQry."'";
- $profileDetails_res = mysql_query($profileDetails);
- $profileDetails_arr = mysql_fetch_array($profileDetails_res);
- $this->set('profileaboutme',$profileDetails_arr['abt_user']);
- if($profileDetails_arr['user_profile_img']!="") {
- $imgName = explode("/", $profileDetails_arr['user_profile_img']);
- $imgSRC = "img/user_profile_img/profile_200/".$imgName[2];
- }
- else {
- $imgSRC = "img/noimage.gif";
-
- }
- $this->set('profilelargepic',$imgSRC);
- $this->set('profilegender',$profileDetails_arr['gender']);
- }
- function delfavorite() {
- ####### CHECK FOR FAVORITE STATUS ###########
- $friendstatus = "select * from user_favorite_friends where user_id='".$_SESSION['UserId']."' and favorite_user_id='".base64_decode($this->params['url']['friendid'])."'";
- $friendstatus_res = mysql_query($friendstatus);
- $del=0;
- if(mysql_num_rows($friendstatus_res)>0) {
- $delfavorite = "DELETE FROM user_favorite_friends where user_id='".$_SESSION['UserId']."' and favorite_user_id='".base64_decode($this->params['url']['friendid'])."'";
- if(mysql_query($delfavorite)) {
- $favmsg = 'User sucessfully deleted from favorite' ;
- $del=1;
- }
- else
- $favmsg = 'Error! user not deleted.' ;
- }
-
- $this->set('sucessmsg',$favmsg);
- $this->set('profileuserid',$this->params['url']['friendid']);
- $this->set('linkshow',$del);
- $this->render('friendpage','ajax');
-
- ################################################
- }
- function addfavorite() {
- ####### CHECK FOR FAVORITE STATUS ###########
- $friendstatus = "select * from user_favorite_friends where user_id='".$_SESSION['UserId']."' and favorite_user_id='".base64_decode($this->params['url']['friendid'])."'";
- $friendstatus_res = mysql_query($friendstatus);
- $del=1;
- if(mysql_num_rows($friendstatus_res)>0) {
- $insetfavorite = "INSERT INTO user_favorite_friends SET user_id='".$_SESSION['UserId']."', favorite_user_id='".base64_decode($this->params['url']['friendid'])."'";
- if(mysql_query($insetfavorite)) {
- $favmsg = 'User sucessfully added to your favorite' ;
- $del=0;
- }
- else
- $favmsg = 'Error! user not added.' ;
- }
-
- $this->set('sucessmsg',$favmsg);
- $this->set('profileuserid',$this->params['url']['friendid']);
- $this->set('linkshow',$del);
- $this->render('friendpage','ajax');
-
- ################################################
- }
- function addfriendrequest() {
- ####### CHECK FOR FRIEND STATUS ###########
- $friend=0;
- $select_sql = "Select * from user_friend_requests where invite_to=".base64_decode($this->params['url']['friendid'])." and invite_from = ".$_SESSION['UserId']."";
- if(mysql_num_rows(mysql_query($select_sql))==0) {
-
- $friend_select_sql = "Select * from user_friends where friend_id=".base64_decode($this->params['url']['friendid'])." and user_id = ".$_SESSION['UserId']."";
- if(mysql_num_rows(mysql_query($friend_select_sql))==0) {
- $insert_sql = "Insert INTO user_friend_requests (invite_to,invite_from,invite_text,invite_denymsg) VALUES (".$this->params['url']['friendid']." , ".$_SESSION['UserId'].",'".$email_body."','')" ;
- $runinsert_sql = mysql_query($insert_sql);
- if($runinsert_sql) {
- $friendreq = 'Friend request sucessfully posted';
- $friend=1;
- }else
- $friendreq = 'Error ! friend request not posted';
-
- }
- }
- ###################################
- $this->set('linkshow',$friend);
- $this->set('sucessmsg',$friendreq);
- $this->set('profileuserid',$this->params['url']['friendid']);
- $this->render('friendpage','ajax');
-
-
- }
-
- function delfriendrequest() {
- ####### CHECK FOR FRIEND STATUS ###########
- $friend=0;
- $select_sql = "Select * from user_friend_requests where invite_to=".base64_decode($this->params['url']['friendid'])." and invite_from = ".$_SESSION['UserId']."";
- if(mysql_num_rows(mysql_query($select_sql))==0) {
-
- $friend_select_sql = "Select * from user_friends where friend_id=".base64_decode($this->params['url']['friendid'])." and user_id = ".$_SESSION['UserId']."";
- if(mysql_num_rows(mysql_query($friend_select_sql))>0) {
- $insert_sql = "DELETE FROM user_friends where friend_id=".base64_decode($this->params['url']['friendid'])." and user_id = ".$_SESSION['UserId']."" ;
- $runinsert_sql = mysql_query($insert_sql);
- if($runinsert_sql) {
- $friendreq = 'Friend sucessfully deleted';
- $friend=1;
- }else
- $friendreq = 'Error ! friend deletion not successfull';
-
- }
- }
- ###################################
- $this->set('linkshow',$friend);
- $this->set('sucessmsg',$friendreq);
- $this->set('profileuserid',$this->params['url']['friendid']);
- $this->render('friendpage','ajax');
-
-
- }
- function sendmessage() {
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->pageTitle = 'Send Message';
- $this->userProfileLeftPanel();
- if(isset($_REQUEST['sent']) && $_REQUEST['sent']== "email") {
- $name =$_REQUEST['txtmailid'];
- $usrQry = "select id from users where username='".$name."'";
- $res = mysql_query($usrQry);
- $rows = mysql_num_rows($res);
- if($rows>0) {
- $userId=$_SESSION['UserId'];
- $UserDet = mysql_fetch_array($res);
- $UserEmail = mysql_fetch_array(mysql_query("select email from user_details where user_id='".$UserDet['id']."'"));
- $mailQry = "insert into sent_mails(user_id, reciever_id, email_subject, email_body) values(".$userId.", '".$UserDet['id']."', '".$_REQUEST['message_sub']."', '".$_REQUEST['msgBody']."')";
- $emailUpdate = mysql_query($mailQry);
- $mailQry = "insert into emails(user_id, email_creater, email_subject, email_body) values(".$UserDet['id'].", ".$userId.", '".$_REQUEST['message_sub']."', '".$_REQUEST['msgBody']."')";
- $inboxUpdate = mysql_query($mailQry);
- }
-
- $commonurl = "?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&s=1";
- $qryUrl=$commonurl."&friendid=".base64_encode($UserDet['id']);
- $this->redirect("users/sendmessage".$qryUrl);
-
- }
- else {
- $usrQry = mysql_query("SELECT username FROM users WHERE id='".base64_decode($this->params['url']['friendid'])."'");
- $rwUsr=mysql_fetch_assoc($usrQry);
- $this->set("userName",$rwUsr['username']);
- if(isset($this->params['url']['s']))
- $this->set("confirm","Your mail sent successfully.");
- }
- }
-
-
-
- function editskin() {
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = $this->profileNameforTitle." Edit Profile";
- ############################### Back Url ##############
- $userhomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- $this->set('userhomelink',$userhomelink);
-
-
- }
- function managewebsite() {
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = $this->profileNameforTitle." Edit Profile";
- ############################### Back Url ##############
- $userhomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- $this->set('userhomelink',$userhomelink);
- ############################### About us Txt ##########################
- $websiteQry = "SELECT IFNULL(aboutus,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- $websiteQry_arr = mysql_fetch_array($websiteQry_res);
- if($websiteQry_arr['abouttxt']=='')
- $websitetxt = 'Text awaiting' ;
- else
- $websitetxt = $websiteQry_arr['abouttxt'] ;
-
- $this->set('content',$websitetxt);
- #####################################################################
- $this->render('photoaboutus');
-
-
- }
-
-
- function view_project() {
- $this->checkSession();
- $this->layout = 'userloggedin';
- $this->pageTitle = 'Bidded Project Details';
- $qry = "SELECT * FROM `organization_project_bidders` AS bid, `organization_projects` AS projects WHERE projects.id =".base64_decode($_REQUEST['id']);
- $bidDet = mysql_fetch_array(mysql_query($qry));
- $this->set('prjName', $bidDet['project_name']);
- $this->set('status', $bidDet['project_status']);
- $this->set('budget', $bidDet['project_price']);
- $pjDtArr = explode("-", $bidDet['project_date']);
- $pjDayArr = explode(" ", $pjDtArr[2]);
- $this->set('createDate', date("M d, Y l", mktime(0,0,0,$pjDtArr[1],$pjDayArr[0],$pjDtArr[0])));
- $qryUser = "select username from users where id=".$bidDet['user_id'];
- $created = mysql_fetch_array(mysql_query($qryUser));
- $this->set('created', $created['username']);
- $dtArr = explode("-", $bidDet['project_exp_date']);
- $dateArr = explode(" ", $dtArr[2]);
- $this->set('exp_date', date("M d, Y l", mktime(0,0,0,$dtArr[1],$dateArr[0],$dtArr[0])));
- $qry = "SELECT DATEDIFF('".$bidDet['project_exp_date']."','".$bidDet['project_date']."') as date;";
- $bidDateArr = mysql_fetch_array(mysql_query($qry));
- $this->set('daysLeft', $bidDateArr['date']);
- $this->set('desc', $bidDet['project_description']);
- $this->set('type', $bidDet['project_name']);
- $avgBid = mysql_fetch_array(mysql_query("select AVG(bid_value) as AVG from `organization_project_bidders` where organisation_project_id=".$bidDet['id']));
- $bidcount = mysql_num_rows(mysql_query("select bid_value as AVG from `organization_project_bidders` where organisation_project_id=".$bidDet['id']));
- $this->set('bidcount', $bidcount);
- $this->set('avg_bid', round($avgBid['AVG'], 2));
-
- }
-
- function createStuffArray() {
- $stuffarray = array();
- if(isset($_SESSION['UserId'])) {
- $stuffsql = "Select boxname from profilemap where userid='".$_SESSION['UserId']."' and display='block'";
- $stuffsql_res = mysql_query($stuffsql);
- while($stuffsql_arr = mysql_fetch_array($stuffsql_res)) {
- array_push($stuffarray,$stuffsql_arr['boxname']);
- }
- }
- $this->set("stuffarray",$stuffarray);
-
- }
- function saveaddstuff() {
- ########## Manipulation of the element
- if(isset($_REQUEST['button'])) {
- if($_REQUEST['button']=='Remove') {
- $updateQuery = "Update profilemap SET display='none' where userid='".$_SESSION['UserId']."' and boxname='".$this->params['url']['e']."'" ;
- $updateQuery=mysql_query($updateQuery);
- }
- else {
- echo $updateQuery = "Update profilemap SET display='block',position='".$_REQUEST['position']."' where userid='".$_SESSION['UserId']."' and boxname='".$this->params['url']['e']."'" ;
- $updateQuery=mysql_query($updateQuery);
- }
-
-
- }
-
-
-
- $this->createStuffArray();
- $this->set("span",$this->params['url']['d']);
- $this->set("elementInArray",$this->params['url']['e']);
- $this->set("var",$this->params);
- $this->render("saveaddstuff");
- }
-
- function saveskin() {
- $this->checkSession();
- if(isset($_REQUEST['theme'])) {
- $updatetheme = "UPDATE user_details set theme='".$_REQUEST['theme']."' where user_id='".$_SESSION['UserId']."'";
- mysql_query($updatetheme);
- }
- $userhomelink = "users/user_home?id=".time()."&uid=".base64_encode($_SESSION['UserId'])."&sessid=".session_id()."";
- $this->redirect($userhomelink);
-
- }
-
- ###################################### Photographer Website section #################################
- function photoaboutus() {
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = "About Us";
- ############################### About us Txt ##########################
- $websiteQry = "SELECT IFNULL(aboutus,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- $websiteQry_arr = mysql_fetch_array($websiteQry_res);
- if($websiteQry_arr['abouttxt']=='')
- $websitetxt = 'Text awaiting' ;
- else
- $websitetxt = $websiteQry_arr['abouttxt'] ;
-
- $this->set('content',$websitetxt);
- #####################################################################
- if(isset($_REQUEST['pagetype']) && $_REQUEST['pagetype'] == "aboutus") {
- $websiteQry = "SELECT IFNULL(aboutus,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- if(mysql_num_rows($websiteQry_res)==0) {
- $insetqry = "INSERT INTO photographer_website SET aboutus='".$_REQUEST['pagedesc']."' ,user_id='".$_SESSION['UserId']."' ";
- mysql_query($insetqry);
- }
- else {
- $insetqry = "UPDATE photographer_website SET aboutus='".$_REQUEST['pagedesc']."' where user_id='".$_SESSION['UserId']."'";
- mysql_query($insetqry);
- }
- $this->redirect($_SERVER['HTTP_REFERER']);
- }
-
- }
-
- function phototestimonial() {
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = 'Testimonial';
- ############################### About us Txt ##########################
- $websiteQry = "SELECT IFNULL(testimonial,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- $websiteQry_arr = mysql_fetch_array($websiteQry_res);
- if($websiteQry_arr['abouttxt']=='')
- $websitetxt = 'Text awaiting' ;
- else
- $websitetxt = $websiteQry_arr['abouttxt'] ;
-
- $this->set('content',$websitetxt);
- #####################################################################
- if(isset($_REQUEST['pagetype']) && $_REQUEST['pagetype'] == "testimonial") {
- $websiteQry = "SELECT IFNULL(testimonial,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- if(mysql_num_rows($websiteQry_res)==0) {
- $insetqry = "INSERT INTO photographer_website SET testimonial='".$_REQUEST['pagedesc']."' ,user_id='".$_SESSION['UserId']."' ";
- mysql_query($insetqry);
- }
- else {
- $insetqry = "UPDATE photographer_website SET testimonial='".$_REQUEST['pagedesc']."' where user_id='".$_SESSION['UserId']."'";
- mysql_query($insetqry);
- }
- $this->redirect($_SERVER['HTTP_REFERER']);
- }
-
- }
- function photoprice() {
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = 'Price';
- ############################### About us Txt ##########################
- $websiteQry = "SELECT IFNULL(price,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- $websiteQry_arr = mysql_fetch_array($websiteQry_res);
- if($websiteQry_arr['abouttxt']=='')
- $websitetxt = 'Text awaiting' ;
- else
- $websitetxt = $websiteQry_arr['abouttxt'] ;
-
- $this->set('content',$websitetxt);
- #####################################################################
- if(isset($_REQUEST['pagetype']) && $_REQUEST['pagetype'] == "price") {
- $websiteQry = "SELECT IFNULL(price,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- if(mysql_num_rows($websiteQry_res)==0) {
- $insetqry = "INSERT INTO photographer_website SET price='".$_REQUEST['pagedesc']."' ,user_id='".$_SESSION['UserId']."' ";
- mysql_query($insetqry);
- }
- else {
- $insetqry = "UPDATE photographer_website SET price='".$_REQUEST['pagedesc']."' where user_id='".$_SESSION['UserId']."'";
- mysql_query($insetqry);
- }
- $this->redirect($_SERVER['HTTP_REFERER']);
- }
-
- }
- function photocontact() {
-
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = 'Contact';
- ############################### About us Txt ##########################
- $websiteQry = "SELECT IFNULL(contactus,'Text awaiting') as abouttxt,googlelocation FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- $websiteQry_arr = mysql_fetch_array($websiteQry_res);
- if($websiteQry_arr['abouttxt']=='')
- $websitetxt = 'Text awaiting' ;
- else
- $websitetxt = $websiteQry_arr['abouttxt'] ;
-
- $this->set('content',$websitetxt);
- $expgoogleloc = explode(':',$websiteQry_arr['googlelocation']);
- if(isset($expgoogleloc[0]) &&$expgoogleloc[0]!=='')
- $googlelat = $expgoogleloc[0] ;
- else
- $googlelat = 48.8567;
-
- if(isset($expgoogleloc[1]) && $expgoogleloc[1]!=='')
- $googlelong = $expgoogleloc[1] ;
- else
- $googlelong = 2.35099;
- $this->set('googlelat',$googlelat);
- $this->set('googlelong',$googlelong);
-
- #####################################################################
- if(isset($_REQUEST['pagetype']) && $_REQUEST['pagetype'] == "contact") {
- $websiteQry = "SELECT IFNULL(contactus,'Text awaiting') as abouttxt FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- $googlelocation = $_REQUEST['lat'] .':'.$_REQUEST['lng'] ;
-
-
- if(mysql_num_rows($websiteQry_res)==0) {
- //$insetqry = "INSERT INTO photographer_website SET contactus='".$_REQUEST['pagedesc']."' ,user_id='".$_SESSION['UserId']."' ";
- $insetqry = "INSERT INTO photographer_website SET contactus='".$_REQUEST['pagedesc']."' ,user_id='".$_SESSION['UserId']."',googlelocation='".$googlelocation."' ";
- mysql_query($insetqry);
- }
- else {
- //$insetqry = "UPDATE photographer_website SET contactus='".$_REQUEST['pagedesc']."' where user_id='".$_SESSION['UserId']."'";
- $insetqry = "UPDATE photographer_website SET contactus='".$_REQUEST['pagedesc']."',googlelocation='".$googlelocation."' where user_id='".$_SESSION['UserId']."'";
- mysql_query($insetqry);
- }
- $this->redirect($_SERVER['HTTP_REFERER']);
- }
-
-
- }
- function photoappearence() {
- $this->checkSession();
- $this->layout = 'userprofilevisit';
- $this->userProfileLeftPanel();
- $this->pageTitle = 'Appearence';
- ############################### About us Txt ##########################
- $websiteQry = "SELECT layout , logoimage , backgroundimage , theme FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- $websiteQry_arr = mysql_fetch_array($websiteQry_res);
-
- /* LOGO IMAGE */
- $logopath = $this->webroot.'img/logo.gif';
- if($websiteQry_arr['logoimage']!='')
- $logopath = $this->webroot.'photowebsite/logo/'.$websiteQry_arr['logoimage'] ;
- /* LOGO IMAGE */
-
- /* LAYOUT NUMBER */
- $photolayout = 1;
- if($websiteQry_arr['layout']!='')
- $photolayout = $websiteQry_arr['layout'];
- /* LAYOUT NUMBER */
-
-
- /*STYLE THEME PAGE*/
- $photostyle = 'blue';
-
- if($websiteQry_arr['theme']!='')
- $photostyle = $websiteQry_arr['theme'];
- /*STYLE THEME PAGE*/
-
- /* Background image */
- if($websiteQry_arr['backgroundimage']=='' && $photostyle=='blue')
- $backgrondpath = $this->webroot.'img/skin7.jpg';
- if($websiteQry_arr['backgroundimage']=='' && $photostyle=='green')
- $backgrondpath = $this->webroot.'img/skin2.gif';
- if($websiteQry_arr['backgroundimage']=='' && $photostyle=='yellow')
- $backgrondpath = $this->webroot.'img/skin4.gif';
- if($websiteQry_arr['backgroundimage']=='' && $photostyle=='red')
- $backgrondpath = $this->webroot.'img/skin1.gif';
- if($websiteQry_arr['backgroundimage']=='' && $photostyle=='black')
- $backgrondpath = $this->webroot.'img/skin7.jpg';
-
- if($websiteQry_arr['backgroundimage']!='')
- $backgrondpath = $this->webroot.'photowebsite/background/'.$websiteQry_arr['backgroundimage'] ;
- /* Background image */
-
-
-
- $this->set('photologoimage',$logopath);
- $this->set('photobackimgpath',$backgrondpath);
- $this->set('photolayout',$photolayout);
- $this->set('phototemplate',$photostyle);
- #####################################################################
- }
- function setlayout($layoutnumber) {
- $websiteQry = "SELECT layout FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- if(mysql_num_rows($websiteQry_res)>0) {
- $upadteLayout = "UPDATE photographer_website SET layout='".$layoutnumber."' WHERE user_id='".$_SESSION['UserId']."'";
- mysql_query($upadteLayout);
- //$websiteQry_arr = mysql_fetch_array($websiteQry_res);
- }
- else {
- $upadteLayout = "INSERT INTO photographer_website SET layout='".$layoutnumber."',user_id='".$_SESSION['UserId']."'";
- mysql_query($upadteLayout);
- }
- $this->set('layoutnumber',$layoutnumber);
- $this->render('layoutlist','Ajax');
-
-
- }
- function setwebtheme($layoutype) {
- $websiteQry = "SELECT theme FROM photographer_website WHERE user_id='".$_SESSION['UserId']."'";
- $websiteQry_res = mysql_query($websiteQry);
- if(mysql_num_rows($websiteQry_res)>0) {
- $upadteLayout = "UPDATE photographer_website SET theme='".$layoutype."' WHERE user_id='".$_SESSION['UserId']."'";
- mysql_query($upadteLayout);
- }
- else {
- $upadteLayout = "INSERT INTO photographer_website SET theme='".$layoutype."',user_id='".$_SESSION['UserId']."'";
- mysql_query($upadteLayout);
- }
- $this->set('layouttype',$layoutype);
- $this->render('layoutlist','Ajax');
- }
-
- function editalbum($pageaction,$albumid) {
- if($pageaction=='edit') {
- $albumsql = "SELECT * from user_albums where user_id = '".$_SESSION['UserId']."' and id='".base64_decode($albumid)."'";
- $albumsql_res = mysql_query($albumsql);
- $albumsql_arr = mysql_fetch_array($albumsql_res);
- $this->set('albumName',$albumsql_arr['album_name']);
- $this->set('albumAccess',$albumsql_arr['album_access']);
-
-
- }
- else {
- if($pageaction=='update') {
- $updatealbum = "UPDATE user_albums SET album_name='".addslashes($_REQUEST['albumname'])."' , album_access='".$_REQUEST['access']."' where user_id = '".$_SESSION['UserId']."' and id='".base64_decode($albumid)."'";
- mysql_query($updatealbum);
- }
- if($pageaction=='delete') {
- /* DELETIng the image in the album */
- $imgselect = "SELECT * from user_photo_albums where user_id = '".$_SESSION['UserId']."' and user_album_id='".base64_decode($albumid)."'";
- $imgselect_res = mysql_query($imgselect);
- while($imgselect_arr = mysql_fetch_array($imgselect_res)) {
- $destination = realpath('../../app/webroot/user_img/t/') . '/'.$imgselect_arr['pic_original_name'];
- unlink($destination);
- $updatealbum = "DELETE FROM user_photo_albums where user_id = '".$_SESSION['UserId']."' and id='".$imgselect_arr['id']."'";
- mysql_query($updatealbum);
- }
- /**/
- $updatealbum = "DELETE FROM user_albums where user_id = '".$_SESSION['UserId']."' and id='".base64_decode($albumid)."'";
- mysql_query($updatealbum);
- }
-
- }
-
- $this->set('pageaction',$pageaction);
- $this->set('pagealbumid',$albumid);
- $this->render('editalbum2','ajax');
- }
-
- function photodetails() {
-
- $this->verifyserverUrl($_SERVER['REQUEST_URI']);
-
- $this->layout = 'userphotoinner_detail';
- $this->set('photoid',$_REQUEST['pid']);
-
-
- $select = " Select X.id,X.user_id,X.pic_original_name,X.pic_title,X.pic_desc,Xuser.username ,Xuser.id as photocreater ,COUNT(Xcomment.id) as photoreview , Xuserdetail.user_profile_img , IFNULL(ROUND(AVG(Xrating.vote),0),0) as photorat,Xalbum.album_name ,Xalbum.id as albumid ,COUNT(Xfavorite.id) as photofavored ";
-
- $from=" FROM user_photo_albums X
- LEFT JOIN user_albums Xalbum ON X.user_album_id = Xalbum.id
- LEFT JOIN comments Xcomment ON X.id = Xcomment.user_photo_albums_id
- LEFT JOIN users Xuser ON X.user_id = Xuser.id
- LEFT JOIN user_details Xuserdetail ON X.user_id = Xuserdetail.user_id
- LEFT JOIN user_voting_images Xrating ON X.id = Xrating.image_id
- LEFT JOIN user_favorite_photo Xfavorite ON X.id=Xfavorite.favorite_photo_id ";
-
- $where="WHERE X.is_blocked='0' AND X.is_temp='0' AND X.id='".base64_decode($_REQUEST['pid'])."' group by X.id";
-
- $photo_sql = $select . $from .$where;
- $photo_res = mysql_query($photo_sql);
- $photores_arr = mysql_fetch_array($photo_res);
- $photoUrl = DOMAIN."users/photodetails?pid=".$_REQUEST['pid'];
- $this->set('photoUrl',$photoUrl);
-
- $this->set('photoTitle', $photores_arr['pic_title']);
- $this->set('photoDesc', $photores_arr['pic_desc']);
- $this->set('photoImage', $photores_arr['pic_original_name']);
- $this->set('photoImageId', $photores_arr['id']);
- $this->set('photoImageAlbumId', $photores_arr['albumid']);
- $this->set('photoUsername', $photores_arr['username']);
- $this->set('photoUserId', $photores_arr['photocreater']);
- $this->set('photototalRating', $photores_arr['photorat']);
- $this->set('photototalReview', $photores_arr['photoreview']);
-
- $checklover = "Select * from photo_lovers where user_photo_album_id='".base64_decode($_REQUEST['pid'])."'" ;
- $checklover_res = mysql_query($checklover);
- $checklover_res_num = mysql_num_rows($checklover_res);
- $this->set('nooflover', $checklover_res_num);
-
- ##### Check for the review already posted or not
- $numberpreview=0;
- if(isset($_SESSION['UserId'])) {
- $checkbackdropreview = "SELECT * FROM comments where user_photo_albums_id='".base64_decode($_REQUEST['pid'])."' and user_id='".$_SESSION['UserId']."'";
- $checkbackdropreview_res = mysql_query($checkbackdropreview);
- $numberpreview = mysql_num_rows($checkbackdropreview_res);
- }
- $this->set('reviewposted', $numberpreview);
- #####
-
- ################################################### FOR NEXT AND PREVIOUS #######################
-
- $Imgselect = " Select Xphotoalbum.id,Xalbum.user_id,Xphotoalbum.pic_original_name
- FROM user_albums Xalbum
- LEFT JOIN user_photo_albums Xphotoalbum ON Xalbum.id = Xphotoalbum.user_album_id
- WHERE Xalbum.album_access='public'";
-
- $Imgselect_res = mysql_query($Imgselect);
- $Imgarray = array();
-
- while($Imgselect_arr = mysql_fetch_array($Imgselect_res)) {
- //$Imgarray['image'.$Imgselect_arr['id']] = $Imgselect_arr['id'] ;
- $Imgarray[] = $Imgselect_arr['id'] ;
- }
- //pr($Imgarray);
- //echo base64_decode($_REQUEST['pid']) ;
- $searchKey = array_search(base64_decode($_REQUEST['pid']),$Imgarray) ;
- // Next
- $searchKeyNext = ($searchKey + 1);
- $searchKeyPrev = ($searchKey - 1);
-
- if (array_key_exists($searchKeyNext, $Imgarray)) {
- $this->set('nxtImage',$Imgarray[$searchKeyNext]);
- }
- // Prev
- if (array_key_exists($searchKeyPrev, $Imgarray)) {
- $this->set('prevImage',$Imgarray[$searchKeyPrev]);
- }
-
- ################################################### FOR NEXT AND PREVIOUS #######################
-
- ################################################### CHECKING FOR LARGE IMAGE #######################
- $largeimgFilename = "../app/webroot/user_img/o/".$photores_arr['pic_original_name'];
- $checklargeimgFilename = "../app/webroot/user_img/large/".$photores_arr['pic_original_name'];
- if (!file_exists($checklargeimgFilename)) {
- //$this->set('largeimagfile',$photores_arr['pic_original_name']);
-
-
- $this->Thumbnail->fileName = $largeimgFilename;
- $this->Thumbnail->quality = 100;
- $this->Thumbnail->init();
- $this->Thumbnail->percent = 0; //Percent has to be 0 for maxWidth and maxHeight to work;
- $this->Thumbnail->maxWidth = 600;
- $this->Thumbnail->maxHeight = 0;
- $this->Thumbnail->resize();
- $this->Thumbnail->cropSize =600;
- $this->Thumbnail->cropX = ($this->Thumbnail->getCurrentWidth()/2)-($this->Thumbnail->cropSize/2);
- $this->Thumbnail->cropY = ($this->Thumbnail->getCurrentHeight()/2)-($this->Thumbnail->cropSize/2);
- $this->Thumbnail->crop();
- $this->Thumbnail->save("../app/webroot/user_img/large/".$photores_arr['pic_original_name']);
- }
- ################################################### CHECKING FOR LARGE IMAGE #######################
-
-
- }
-
-
- function photolover($id=null) {
- if(isset($_SESSION['UserId'])&& $id) {
- $checklover = "Select * from photo_lovers where user_id='".$_SESSION['UserId']."' and user_photo_album_id='".$id."'" ;
- $checklover_res = mysql_query($checklover);
- $checklover_res_num = mysql_num_rows($checklover_res);
- if($checklover_res_num==0) {
- $insertlover = "INSERT INTO photo_lovers SET user_id='".$_SESSION['UserId']."', user_photo_album_id='".$id."' ";
- $insertlover=mysql_query($insertlover);
- }
-
-
- }
- $checklover = "Select * from photo_lovers where user_photo_album_id='".$id."'" ;
- $checklover_res = mysql_query($checklover);
- $checklover_res_num = mysql_num_rows($checklover_res);
- $this->set('nooflover', $checklover_res_num);
- $this->set('photoId', $id);
-
- $this->render('photolover', 'ajax');
-
- }
-
- function addtag($photoId=null) {
- /* */
- $this->set('photoImageId',$_REQUEST['hfphotopid']);
- if(isset($_REQUEST['hfphotopid']) && $_REQUEST['hfphotopid']>0 && isset($_SESSION['UserId']) && addslashes($_REQUEST['phototag'])!='Enter Tag') {
- /* INSERT INTO TAGE TABLE */
- $insersql = "INSERT INTO user_photo_albums_tags SET user_id='".$_SESSION['UserId']."',user_photo_album_id='".$_REQUEST['hfphotopid']."',tagname='".addslashes($_REQUEST['phototag'])."' ";
- $insersql_res = mysql_query($insersql);
- }
- $this->set('photoImageId', $_REQUEST['hfphotopid']);
- $this->render('taglist', 'ajax');
- }
-
- function savevendortag() {
- $this->checkSession();
- if(isset($_REQUEST['vendortag']) && $_REQUEST['vendortag']!='Enter Tag' ) {
- $tagcheck = "SELECT * from vendor_usertag where user_id='".$_SESSION['UserId']."' and tagname='".addslashes($_REQUEST['vendortag'])."'";
- $tagcheck_res = mysql_query($tagcheck);
- if(mysql_num_rows($tagcheck)==0) {
- $insersql = "INSERT INTO vendor_usertag SET user_id='".$_SESSION['UserId']."',tagname='".addslashes($_REQUEST['vendortag'])."' ";
- $insersql_res = mysql_query($insersql);
- }
- }
- $this->redirect($_SERVER['HTTP_REFERER'].'#tag');
- }
-
- function savepaymentinfo($entrytype=null) {
- $this->checkSession();
- //pr($_REQUEST);
- if($entrytype) {
- $paymentqry = "SELECT paypal_email,gcheckout_email FROM user_payment_setup WHERE user_id='".$_SESSION['UserId']."'";
- $paymentqry_res = mysql_query($paymentqry);
- $paymentqry_num = mysql_num_rows($paymentqry_res);
- if($entrytype=='gcheckout') {
- if($paymentqry_num==0) {
- $insertsql ="INSERT INTO user_payment_setup SET gcheckout_email='".$_REQUEST['merchantId'].'break'.$_REQUEST['merchantkey']. "' ,user_id='".$_SESSION['UserId']."'";
- mysql_query($insertsql);
- }
- else {
- $insertsql ="UPDATE user_payment_setup SET gcheckout_email='".$_REQUEST['merchantId'].'break'.$_REQUEST['merchantkey'] ."' where user_id='".$_SESSION['UserId']."'";
- mysql_query($insertsql);
- }
-
- }
- if($entrytype=='paypal') {
- //check paypal_email block
- $result = mysql_query("SELECT * FROM user_payment_setup WHERE paypal_email='".$_REQUEST['paypaliid']. "' and is_blocked='1' ");
- if(mysql_num_rows($result)<=0){
- if($paymentqry_num==0) {
- $insertsql ="INSERT INTO user_payment_setup SET paypal_email='".$_REQUEST['paypaliid']. "' ,user_id='".$_SESSION['UserId']."'";
- mysql_query($insertsql);
- }
- else {
- $insertsql ="UPDATE user_payment_setup SET paypal_email='".$_REQUEST['paypaliid']."' where user_id='".$_SESSION['UserId']."'";
- mysql_query($insertsql);
- }
- }
-
- }
- }
- $this->redirect($_SERVER['HTTP_REFERER'].'#payment');
- }
- ##################################################################
-
- function sendVerifyemail() {
-
- if(isset($_SESSION['UserId']) && $_SESSION['UserId']>0) {
- $validateEmail = "SELECT email , CONCAT_WS(' ',first_name,last_name) as personName , users.is_validate ,users.validate_key FROM user_details
- LEFT JOIN users On user_details.user_id=users.id
- where user_details.user_id='".$_SESSION['UserId']."'";
- $validateEmail_res = mysql_query($validateEmail);
- $TempuserDetails = mysql_fetch_array($validateEmail_res);
- //$userDetails = mysql_fetch_array($validateEmail_res);
-
-
- $userMailAddress = $TempuserDetails['email'];
-
- if(isset($TempuserDetails['email']) && $TempuserDetails['is_validate']=='0') {
- $this->set('personName',$TempuserDetails['personName']);
- if($TempuserDetails['validate_key']!='')
- $validation_hash = $TempuserDetails['validate_key'] ;
- else {
- $validation_code = mktime().rand(10000, 90000);
- $validation_hash = md5($validation_code.session_id());
-
- $updatevalidkey = "UPDATE users SET validate_key='".$validation_hash."' where id='".$_SESSION['UserId']."' ";
- @mysql_query($updatevalidkey);
- }
-
- $validationlink = '<a href="'.DOMAIN.'users/validemail/'.$validation_hash.'" style="font: normal 12px Arial, Helvetica, sans-serif; color: #0033CC;">Email verification</a>';
- $this->set('varifyemailcontent',$validationlink);
-
-
- $this->Sendmail->Mail();
- $this->Sendmail->From(FROMMAIL);
-
- $this->Sendmail->To($userMailAddress);
- //$this->Sendmail->Cc("sujoy@navsoft.in");
- //$this->Sendmail->Cc("sanjib@navsoft.in");
- $subject="Xoimages Email Verifications";
- $this->Sendmail->Subject($subject);
- $this->Sendmail->layout='email';
- $this->Sendmail->view='mail_emailverify';
- $this->Sendmail->startup($this);
- $messageBody=$this->Sendmail->bodyText();
- $this->Sendmail->Body($messageBody); // set the body
- $this->Sendmail->Priority(1) ; // set the priority to Low
- $this->Sendmail->Send(); // send the mail
- }
- }
- }
-
-
- function validateemail($fromsignup=null) {
- if(isset($_SESSION['UserId']) && $_SESSION['UserId']>0) {
- $this->set('fromsignup',$fromsignup);
- }
- }
-
- function validemail($validkey=null) {
- if($validkey) {
- $validateEmail = "SELECT * from users where validate_key ='".$validkey."'";
- $validateEmail_res = mysql_query($validateEmail);
- $validateEmail_num = mysql_num_rows($validateEmail_res);
- //exit();
- if($validateEmail_num>0) {
- $userDetails = mysql_fetch_array($validateEmail_res);
-
- $this->Session->write('User', $userDetails['username']);
- $this->Session->write('UserId', $userDetails['id']);
- $this->Session->write('GrpId', $userDetails['user_group_master_id']);
-
-
- $updatevalidkey = "UPDATE users SET is_validate='1' where id='".$userDetails['id']."' ";
- @mysql_query($updatevalidkey);
-
-
- ######### ISSUE THE sucessfully verify mail
- $userDetails=$this->getUserDetails($userDetails['id']);
- $this->set('userInfo',$userDetails);
- $this->Sendmail->Mail();
- $this->Sendmail->From(FROMMAIL);
- if(isset($userDetails['email']))
- $this->Sendmail->To($userDetails['email']);
-
-
- $subject="XOIMAGES REGISTRATION DETAILS";
- $this->Sendmail->Subject($subject);
- $this->Sendmail->layout='email';
- $this->Sendmail->view='mail_userinformation';
- $this->Sendmail->startup($this);
- $messageBody=$this->Sendmail->bodyText();
-
- $this->Sendmail->Body($messageBody); // set the body
- $this->Sendmail->Priority(1) ; // set the priority to Low
- $this->Sendmail->Send(); // send the mail
- ######### ISSUE THE sucessfully verify mail
-
-
- $this->redirect('/users/congratulations?id='.time().'&uid='.base64_encode($id).'&sessid='.session_id());
- }
- else
- $this->checkSession();
-
- }
- else
- $this->checkSession();
- }
-
- function verify_email() {
- if(isset($_SESSION['UserId']) && $_SESSION['UserId']>0) {
- $this->sendVerifyemail();
- $this->set('mailmsg','Mail sent to your email address') ;
- }
- else {
- $this->set('mailmsg','Please logged in or sign up') ;
- }
- $this->render('verify_email','ajax');
- }
-
- function viewalltag() {
- $this->layout = 'userphotoinner_detail';
- $this->pageTitle = 'Photo Tag';
- }
-
- function searchtag($alphasearch=null) {
-
- if($alphasearch)
- $searchtxt = "'".strtolower($alphasearch)."%'" ;
- else {
- if(isset($_REQUEST['txttagsearch']) && $_REQUEST['txttagsearch']!='')
- $searchtxt = "'%". strip_html_tags($_REQUEST['txttagsearch'])."%'";
- else
- $searchtxt='a%';
- }
-
- $tagarray = array();
- $tagsearchsql = "SELECT DISTINCT(tagname) FROM user_photo_albums_tags where tagname!='' and tagname like ". $searchtxt ."";
- $tagsearchsql_res = mysql_query($tagsearchsql);
- while($tagsearchsql_arr = mysql_fetch_array($tagsearchsql_res)) {
- $tagarray[] = substr($tagsearchsql_arr['tagname'],0,20);
- }
- $this->set('tagsql',$tagsearchsql);
- $this->set('tagarray',$tagarray);
- $this->set('Numtagarray',mysql_num_rows($tagsearchsql_res));
- $this->set('searchtxt',$alphasearch);
- $this->render('searchtaglist', 'ajax');
-
- }
-
- function abusethisUrl($txtUrl=NULL) {
- $this->layout="loginblank";
- if(isset($_REQUEST['abuseurl']))
- $this->set('abuseurl',$_REQUEST['abuseurl']);
-
-
- if(isset($_SESSION['UserId'])) {
- /* Check for the Abuse reportation */
- $checkforabuse = "SELECT * from report_abuse where user_id='".$_SESSION['UserId']."' and abuse_url='".$_REQUEST['abuseurl']."'";
- $checkforabuse_res = mysql_query($checkforabuse);
- if(mysql_num_rows($checkforabuse_res)>0) {
- $checkforabuse_arry = mysql_fetch_array($checkforabuse_res);
- $statusmsg = "You have already report this as abused On " .date("M d, Y",strtotime($checkforabuse_arry['creation'])) ;
- }
- else {
- $statusmsg ="showwindow";
- }
-
- }
- else {
- $statusmsg ="login";
- }
- $this->set('statusmsg',$statusmsg);
-
- }
-
- function savereportabuse() {
-
- if(isset($_SESSION['UserId']) && isset($_REQUEST['hfabuseurl']) && $_REQUEST['hfabuseurl']!='') {
- $checkforabuse = "SELECT * from report_abuse where user_id='".$_SESSION['UserId']."' and abuse_url='".$_REQUEST['hfabuseurl']."'";
- $checkforabuse_res = mysql_query($checkforabuse);
- if(mysql_num_rows($checkforabuse_res)==0) {
- $insertintoReprt = "INSERT INTO report_abuse SET user_id='".$_SESSION['UserId']."' , abuse_url='".$_REQUEST['hfabuseurl']."' , user_comment='".$_REQUEST['usercomment']."' , typeofblock='".$_REQUEST['abusetype']."' , user_ip='".$_SERVER['REMOTE_ADDR']."' ";
- @mysql_query($insertintoReprt);
- ####################################### MAIL TO THE ADMINISTRATOR #########
- $userDetails=$this->getUserDetails($_SESSION['UserId']);
- $this->set('reprtUrl', $_REQUEST['hfabuseurl']);
- $this->set('reprtabuseType',$_REQUEST['abusetype']);
- $this->set('reprtabuseComment',$_REQUEST['usercomment']);
- $this->set('reprtbyIp',$_SERVER['REMOTE_ADDR']);
- $this->set('reprtondate',date('M d, Y'));
- $this->set('reprtbyusername',$userDetails['username']);
-
-
- $this->Sendmail->Mail();
- $this->Sendmail->From(FROMMAIL);
- $this->Sendmail->To("xoadmin@gmail.com");
-
- $this->Sendmail->Cc("sujoy@navsoft.in");
- $this->Sendmail->Cc("sanjib@navsoft.in");
- $subject="Notification Report abuse ";
- $this->Sendmail->Subject($subject);
-
- $this->Sendmail->layout='email';
- $this->Sendmail->view='mail_reportabuse';
- $this->Sendmail->startup($this);
- $messageBody=$this->Sendmail->bodyText();
-
- $this->Sendmail->Body($messageBody); // set the body
- $this->Sendmail->Priority(1) ; // set the priority to Low
- $this->Sendmail->Send(); // send the mail
-
- ##############################################
-
- ####################################################### AUTOMATED BLOCKAGE OF THE URL ######
- $today = getdate();
- $startDateofmonth = $today['year'].'-'.$today['mon'].'-1';
- $bannedquery = "SELECT count(id) as totalrec , DATEDIFF(CURDATE(),'".$startDateofmonth."') as Totalday from report_abuse where abuse_url='".$_REQUEST['hfabuseurl']."' and DATEDIFF(CURDATE(),'".$startDateofmonth."')<=30 group by abuse_url " ;
- $bannedquery_res = mysql_query($bannedquery);
- if(mysql_num_rows($bannedquery_res)>0) {
- $bannedquery_array = mysql_fetch_array($bannedquery_res);
- if($bannedquery_array['totalrec']>=3) {
- $updateQuery = "UPDATE report_abuse SET admin_block='1' where abuse_url='".$_REQUEST['hfabuseurl']."' and admin_block='0' ";
- @mysql_query($updateQuery);
- }
- }
- ####################################
-
- }
- }
-
- $this->render('reportabuse', 'ajax');
-
- }
-
- function errorpage() {
- $this->pageTitle = 'Page not found';
- }
-
-
-
- }
- ?>